Forwarded from: Muhammad Faisal Rauf Danka <mfrdat_private> http://www.pcw.co.uk/News/1135304 By Iain Thomson [24-09-2002] Barely 24 hours after the Slapper B worm started to show up on antivirus monitoring stations, a new variant has cropped up. According to security specialist ISS, Slapper C has infected 1,500 servers already and is spreading, although a source point has not been identified at this time. The company warned that the source code for Slapper has spread quickly among the underground community, and will be the development platform of choice for future attacks. Slapper and its variants exploit a vulnerability in the Secure Sockets Layer 2.0 of Apache web servers using distributions from Red Hat, Mandrake, SuSE, Gentoo and Slackware. Its suspected creator was arrested in the Ukraine on Wednesday. "We're still analysing this but it doesn't look to be significantly different from the B variant," said Jack Clark from Network Associates' AVERT monitoring centre. "Get your Apache systems patched and update your antivirus software and you should be fine." A patch for all current variants is available from distributors. Regards -------- Muhammad Faisal Rauf Danka Head of GemSEC / Chief Technology Officer Gem Internet Services (Pvt) Ltd. web: www.gem.net.pk Key Id: 0x784B0202 Key Fingerprint: 6F8C EDCF 6C6E 06A5 48D7 6A20 C592 484B 784B 0202 __________________________________________ [ATTITUDEX.COM] http://www.attitudex.com/ --------------------------- - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Wed Sep 25 2002 - 03:04:15 PDT