Apache Worm

Mon May 17 11:38:12 PDT 2004

Also sprach stayler:
>
> Hi Guys.
> 
> This may seem a simplistic question but here it goes.  I take it the
> fix for this SSL exploit is to build the latest OpenSSL, 0.9.6g, and
> then rebuild Apache against it?  Or is it to rebuild modssl agains the
> new libraries?  I'd like to understand this a little better.

Strictly speaking, the worm (Slapper, I believe) exploits a problem in 
the OpenSSL code. Naytheless, upgrade to *at least* 0.9.6e of OpenSSL
(I think it's already to 0.9.6g) and then rebuild all applications that
use OpenSSL. According to the Apache web site (http://httpd.apache.org/),
you should upgrade apache to 1.3.26 or 2.0.40, unless you are using UNIX,
in which case, 2.0.39 should be safe.

Kurt
-- 
Life is like a simile.