[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] Re: Re:OpenSSL Worm in the wild....

Subject: [cobalt-users] Re: Re:OpenSSL Worm in the wild....
From: Charlie Summers <charlie@xxxxxxxxxx>
Date: Fri Sep 13 20:03:01 2002
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

At 10:30 PM -0400 9/13/02, Shaun T. Erickson is rumored to have typed:

> This is a new  worm, discovered today.

   (*sigh*) THIS particular exploit is new (actually, this particular worm is
new; the exploit is actually a few weeks old). An exploit depending on the
response of the "Server:" HTTP response field is, I repeat, old news. Old.
News. Not that a reminder isn't useful and all, but this config entry is
hardly valid only for this one new worm, either, and was suggested in July,
or even earlier (my local archives don't go back any farther, and I'm too
lazy to hit the website or pull the CD). Feel free to search the archives
yourself if you believe this is the first time the subject of changing the
result of ServerTokens has come up.

         Charlie

Follow-Ups:
- RE: [cobalt-users] Re: Re:OpenSSL Worm in the wild....
  - From: Dan Kriwitsky

References:
- [cobalt-users] Re:OpenSSL Worm in the wild....
  - From: Charlie Summers
- Re: [cobalt-users] Re:OpenSSL Worm in the wild....
  - From: Shaun T. Erickson

Prev by Date: Re: [cobalt-users] Re:OpenSSL Worm in the wild....
Next by Date: Re: [cobalt-users] OpenSSL Worm in the wild....
Previous by thread: Re: [cobalt-users] Re:OpenSSL Worm in the wild....
Next by thread: RE: [cobalt-users] Re: Re:OpenSSL Worm in the wild....

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index