Previous Security Advisories

"Mighty" Adds IRC Backdoor to Slapper

October 10, 2002

A fifth variant of the Slapper OpenSSL exploit worm has been spotted in the wild, but won’t be posing much of a risk since most vulnerable systems have already been infected or patched by now. “Mighty” is closely related to Slapper.D, but uses an IRC channel to receive commands, as opposed to the P2P network […]

Critical Overflow in FrontPage Server Extensions

September 25, 2002

Microsoft has issued security bulletin MS02-053 for a vulnerability in FrontPage Server Extensions 2000 and 2002. The SmartHTML Interpreter (shtml.dll), which is included in all FPSE editions, has a buffer overflow that can be exploited by a malformed HTTP request. For systems running FPSE 2000, this could allow an attacker to consume all of a […]

Slapper, Take Three; Suspect Arrested in Ukraine

September 24, 2002

Just a day after a second version of the Slapper worm was discovered, ISS has updated its advisories to report on Slapper.C, the third incarnation of this automated OpenSSL exploit. The most nefarious feature of this variant is that it attempts to overwrite every executable file on an infected system with copies of itself. It […]

« Older Entries   Newer Entries »