Security experts divided on Slapper's threat
Experts are divided on how big a threat Slapper poses to the Internet infrastructure as a whole.
The worm, which exploits a known buffer overrun vulnerability in the Secure Sockets Layer 2.0 (SSLv2) handshake process is already believed to have infected over 13,000 Apache Web servers, according to Helsinki-based F-Secure, a computer and network security company. The worm infects host machines by using the SSL vulnerability to transfer its malicious source code to a remote machine, then compiling that code, producing a new executable, according to an advisory posted on Carnegie Mellon's CERT Coordination Center Web page.
[ Read more ]
- Virus: Worm.Linux.Slapper (18 September 2002)
- Press Release: Slapper Teaches Users Value of Safe Hex, Says Sophos Anti-Virus (16 September 2002)
- News: Linux worm hits the network (16 September 2002)
- Virus News: Reverse Engineered Slapper Worm (16 September 2002)
- Virus News: F-Secure Warns About a New Linux Worm (16 September 2002)
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.