|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: exploit code targeting OpenSSL and Mod_SSL ?
From: Simayi (simayi.tw
yahoo.com.tw)
Date: Wed Apr 16 2003 - 23:24:17 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
----- Original Message -----
From: "Joe Stewart" <jstewartlurhq.com>
To: "John" <johnccostayahoo.ca>; <vuln-devsecurityfocus.com>
Sent: Wednesday, April 16, 2003 12:11 AM
Subject: Re: exploit code targeting OpenSSL and Mod_SSL ?
>
> There's a lot of that going on right now. I wrote an analysis of one
> particular OpenSSL exploit kit that is circulating:
>
> http://www.lurhq.com/atd.html
>
> From what I've seen, almost all of the kiddie activity on port 443 lately
> based on openssl-too-open.c by Solar Eclipse.
I find a similar exploit code, OpenFuck.c .
It seems to be able to exploit Linux and FreeBSD.
I have a problem.
The memory management mechanism of FreeBSD is different from Linux.
Why can it exploit FreeBSD ?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]