Analysis of Modap worm

From: Mario van Velzen (mvelzenat_private)
Date: Mon Sep 16 2002 - 16:30:11 PDT

Next message: Marcelo Barbosa Lima: "Re: Interesting packets"

Previous message: Curt Wilson: "Win2K Advaned Server compromise report available"
Next in thread: Mario van Velzen: "Analysis of Modap worm"
Reply: Paul Wouters: "Re: Analysis of Modap worm"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Greetings,

We have completed and released our analysis of the Modap worm, which has
been targeting Apache Web servers running vulnerable versions of OpenSSL.

In addition, we have also released to the public our initial Incident
Alert on this issue, available at:
http://analyzer.securityfocus.com/alerts/020913-Alert-Apache-mod_ssl-Exploit.pdf

The full analysis is available at:
http://analyzer.securityfocus.com/alerts/020916-Analysis-Modap.pdf

If you have any comments or concerns, please do not hesitate to contact
me.

Cheers,

Mario Van Velzen, mvelzenat_private
DeepSight Threat Management System, Symantec


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Marcelo Barbosa Lima: "Re: Interesting packets"
Previous message: Curt Wilson: "Win2K Advaned Server compromise report available"
Next in thread: Mario van Velzen: "Analysis of Modap worm"
Reply: Paul Wouters: "Re: Analysis of Modap worm"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Sep 17 2002 - 17:47:31 PDT