Symantec - asia pacific
 global sites
products
purchase
service and support
security updates
downloads
about symantec
search
feedback


© 1995-2006 Symantec Corporation.
All rights reserved.
Legal Notices
Privacy Policy
press centre

Symantec WARNS of a computer worm: Apache/mod_ssl Exploit or Linux.Slapper.Worm

KUALA LUMPUR -- 16 September, 2002 - Today, Symantec's Security Response is monitoring a new exploit, Apache/mod_ssl Exploit or Linux.Slapper.Worm that targets vulnerable installations of the Apache Web server on the Linux operating system that includes versions of SuSe, Mandrake, RedHat, Slackware and Debian. The exploit also includes a number of peer-to-peer capabilities, which allow it to communicate with other clients, and participate in a Distributed Denial of Service Attack.

By sending a malformed client key, the exploit opens a shell on the client machine, which is then used to upload the exploit source code. Using the same shell, it then compiles the source and runs it with an IP address as parameter.

Administrators are encouraged to upgrade their OpenSSL installations to the latest version, currently 0.9.6g. If this is not possible, disabling the use of mod_ssl in Apache installations is recommended. If for some reason administrators are unable to install the patch, it may be possible to disable the SSL engine in the Apache Web server.

About Symantec Security Response
Symantec Security Response is one of the industry's largest dedicated team of virus experts. With offices located in the United States, Japan, Australia and the Netherlands, the sun never sets on Symantec Security Response. The centre's mission is to provide swift, global responses to computer virus threats, proactively research and develop technologies that eliminate such threats and educate the public on safe computing practices. As new computer viruses appear, Symantec Security Response develops identification and detection for these viruses and provides either a repair or delete operation, thus keeping users protected against the latest virus threats http://securityresponse.symantec.com.

About Symantec
Symantec, the world leader in Internet security technology, provides a broad range of content and network security software and appliance solutions to individuals, enterprises and service providers. The company is a leading provider of client, gateway and server security solutions for virus protection, firewall and virtual private network, vulnerability management, intrusion detection, Internet content and e-mail filtering, remote management technologies and security services to enterprises and service providers around the world. Symantec's Norton brand of consumer security products is a leader in worldwide retail sales and industry.