----- Original Message ----- From: "Joe Stewart" <jstewartat_private> To: "John" <johnccostaat_private>; <vuln-devat_private> Sent: Wednesday, April 16, 2003 12:11 AM Subject: Re: exploit code targeting OpenSSL and Mod_SSL ? > > There's a lot of that going on right now. I wrote an analysis of one > particular OpenSSL exploit kit that is circulating: > > http://www.lurhq.com/atd.html > > From what I've seen, almost all of the kiddie activity on port 443 lately > based on openssl-too-open.c by Solar Eclipse. I find a similar exploit code, OpenFuck.c . It seems to be able to exploit Linux and FreeBSD. I have a problem. The memory management mechanism of FreeBSD is different from Linux. Why can it exploit FreeBSD ?
This archive was generated by hypermail 2b30 : Thu Apr 17 2003 - 12:55:38 PDT