[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: slapper worm

From: "G. Roderick Singleton" <gerry pathtech org>
To: Discussion of the Fedora Legacy Project <fedora-legacy-list redhat com>, lsomike futzin com
Cc:
Subject: Re: slapper worm
Date: Tue, 24 Jan 2006 14:37:31 -0500

On Tue, 2006-01-24 at 13:20 -0600, Mike Klinke wrote:
> On Tuesday 24 January 2006 13:08, Mike McCarty wrote:
> 
> > I'm a little shocked at this, frankly. I Googled around, and
> > found mentions of the Slapper going back to 2002. Why is it that
> > this exploit (and variations of it) haven't all been stamped
> > out years ago?
> 
> 
> Read the link I posted yesterday, according to them, it's been 
> rewritten to exploit new ways to get in to your box.
> 
> http://www.lurhq.com/slapperv2.html
> 
> 

This exploit can be managed. Please see http://www.modsecurity.org/ 
Apparently, this is known and requires updating of xmlrpm.php libraries.

-- 
G. Roderick Singleton <gerry pathtech org>
PATH tech

References:
- slapper worm
  - From: Michael Mansour
- Re: slapper worm
  - From: James Kosin
- Re: slapper worm
  - From: Mike McCarty
- Re: slapper worm
  - From: Mike Klinke

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]