Linux/Slapper spreads to Linux machines by exploiting the long SSL2 key argument buffer overflow in the libssl library, which the mod_ssl module of the Apache 1.3 Web servers used. When attacking a machine, the worm attempts to fingerprint the system by first sending an invalid GET request to the http port—port 80—and expecting Apache to return its version number, as well as the Linux distribution on which it was compiled with an error status.
Read Entire Paper
E-Mail Link
Your IP address will be sent with this e-mail
