Security Advisories
Slapper, Take Three; Suspect Arrested in Ukraine
September 24, 2002
Just a day after a second version of the Slapper worm was discovered, ISS has updated its advisories to report on Slapper.C, the third incarnation of this automated OpenSSL exploit. The most nefarious feature of this variant is that it attempts to overwrite every executable file on an infected system with copies of itself. It […]
OpenSSL Worm Slowing Down
September 20, 2002
A little over a week after being discovered, the OpenSSL Slapper worm has started slowing down. Some 7,000-10,000 servers have been infected, which pales in comparison to Code Red’s 400,000 or Nimda’s 86,000 last year. Fortunately, the worm’s P2P network was not utilized to cause any severe damage, although Symantec claims that a few companies […]
Session Hijacking, DoS Bugs in Windows Remote Desktop
September 19, 2002
Update: We’ve just found out that Windows XP Pro SP1 does include patches for these two vulnerabilities, and MS has released bulletin MS02-051 with a fix for Windows 2000 as well. Multiple vulnerabilities have been discovered in Microsoft’s Remote Desktop Protocol, which is used to power Terminal Services for Windows 2000 servers, as well as […]
« Older Entries Newer Entries »
