And in addition to patching up... (Always the best move no matter what.) I've read where going into /tmp and doing

    touch bugtraq bugtraq.c
    chmod 400 bugtraq bugtraq.c

Seems to fool the program into thinking this is an already cracked box (Haven't proven this works but a little extra precaution always makes me feel better.)

James

On Tue, 2002-09-24 at 17:42, Jeffrey Twu wrote:
> (sorry, inserted carriage returns below)
>
> Hi folks,
>
> A web server at work got cracked on Sunday, and it looks like
> they used the SSL hole. The bad person left a .tar.gz file in a
> directory, and we did a google search on the filename, and voila -- it
> was a script (uploaded Sep 17) that exploited the vulnerability.
>
> I heard about the SSL vulnerability before our server was
> cracked, and did some reading. I didn't patch, because of:
>
> http://www.mandrake.com/en/archives/expert/2002-09/msg00588.php
>
> The paragraph where they wrote Linux-Mandrake 8.2 was not vulnerable
> ... well, maybe they were referring to it with the openssl -2.3mdk
> patch.
>
> So, patch up, even if you read something that says "this is
> not vulnerable", as you may be taking it out of context, or they may
> be wrong. As of Sep 17 at least, there are automated tools for script
> kiddies that will exploit the hole.
>
> Here's the 8.2 security page:
>
> http://www.mandrake.com/en/security/mdk-updates.php3?dis=8.2
>
> I assume this is the right one to install:
>
> http://www.mandrake.com/en/security/2002/MDKSA-2002-046-1.php?dis=8.2
> (That gives you the filename; I assume you click on FTP server mirrors
> and find a mirror to actually download it. I haven't really used
> Mandrake's auto-update tools.)
>
> There is a longer discussion here:
>
> http://www.mandrake.com/en/archives/expert/2002-09/
> (search for openssl)
>
> Jeffrey Twu
> [EMAIL PROTECTED]
>
> ----
>
> Want to buy your Pack or Services from MandrakeSoft?
> Go to http://www.mandrakestore.com
