[TriLUG] openssl bug
Mike Johnson
trilug@trilug.org
Wed, 18 Sep 2002 09:05:41 -0400
Greg Brown [gregbrown@mindspring.com] wrote:
> Looking at the release date I'd say that it's fairly impossible that
> this is going to fix any bugs discovered after August, 01, 2002.
> Correct?
>
> So my website is still down (not a big deal, really) but I would like
> to get it back up and running sometime..
I'm not sure if the replies from other folks were clear, or not, but
this worm (much like CodeRed and Nimda) is not exploiting a -new-
vulnerability. They are exploiting an old vulnerability that was
announced in the July time frame.
First, see CERT's post on the worm:
http://www.cert.org/advisories/CA-2002-27.html
Within that, they link to their earlier message on the actual vuln:
http://www.cert.org/advisories/CA-2002-23.html
In the vendor response section of that second page, you see RedHat's
response:
http://rhn.redhat.com/errata/RHSA-2002-155.html
Make sure the RPMs you have installed match the recommended RPMs from
RedHat's page, and you're fine. It's not so much that you need any new
patch to defend against this worm, you need the patch that fixes the
vulnerability that the worm exploits, for which updates were released in
late July.
Hope that clears things up a bit.
Mike
--
"Let the power of Ponch compel you! Let the power of Ponch compel you!"
-- Zorak on Space Ghost
GNUPG Key fingerprint = ACD2 2F2F C151 FB35 B3AF C821 89C4 DF9A 5DDD 95D1
GNUPG Key = http://www.enoch.org/mike/mike.pubkey.asc