Slashdot Mirror


New Linux Worm Found in the Wild

randomErr writes "The worms, Slapper.B and Slapper.C, which exploits a known buffer overrun vulnerability in the Secure Sockets Layer 2.0 (SSLv2) handshake process has infected thousands of Web servers worldwide, according to Helsinki-based F-Secure Corp., a computer and network security company. "

4 of 366 comments (clear)

  1. Finally... by TonyZahn · · Score: 5, Funny

    ... we're starting to catch up with Microsoft in the vital worm-propagation field, where they've been unmatched for years. :-)

    Laugh, it's a joke

    --
    - sig? who is this sig of which you speak?
  2. A few hopes... by Lethyos · · Score: 5, Funny

    1. That most system admins out there are bright enough to keep their machines up to date with the latest patches.

    2. Whoever is writing these worms knows how much damage they're doing to open source. It would have been preferrable to inform the OpenSSL people first, wait a month, then release the worm.

    Of course, by the time you read this, the bug will have been patched. ;)

    --
    Why bother.
    1. Re:A few hopes... by Elphin · · Score: 5, Funny

      > It would have been preferrable to inform
      > the OpenSSL people first, wait a month,
      > then release the worm.

      Dear OpenSSL,

      We are about to release an "internet worm" which will wreak havoc on the worldwide "internet" if you don't pay a ransom of... (place little finger on lower lip) ...ONE BILLION DOLLARS!

      Kind regards,

      Dr Evil

      Seriously though, I think I'm correct in saying that slapper exploits a flaw in OpenSSL patched well before the first slapper outbreak.

  3. Re:oh no! by Jim+Norton · · Score: 5, Funny
    This is the sort of thing that makes open source (and linux) look amateurish, unprofessional, and insecure.

    I wonder how Windows must look then. Yikes!

    --
    -- Jim