I have now seen a worm for the OpenSSL problems I reported a few weeks back in the wild. Anyone who has not patched/upgraded to 0.9.6e+ should be _seriously worried_. It appears to be exclusively targeted at Linux systems, but I wouldn't count on variants for other systems not existing. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff
This archive was generated by hypermail 2b30 : Fri Sep 13 2002 - 11:48:03 PDT