Linux.Slapper.Worm is a family of worms that use an OpenSSL buffer overflow exploit
to run a shell on a remote computer. Each variant of the family targets vulnerable installations of the Apache Web server on Linux operating systems, which include versions of SuSe, Mandrake, RedHat, Slackware, and Debian. The worm also contains code for a Distributed Denial of Service (DDoS) attack.
More than 3,500 computers have been observed performing this activity, according to Symantec DeepSight Threat Management System data. This includes computers located in Portugal and Romania, where initial reports of the worm originated.
For additional information, read the Symantec Security Response advisory at: http://securityresponse.symantec.com/avcenter/security/Content/2002.09.13.html
For patch information on vulnerable products, visit http://online.securityfocus.com/bid/5363/solution
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.