Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

CERT/CC CA-2002-27 Apache/mod_ssl worm

CERT/CC released advisory #CA-2002-27 on Saturday - and at the same time we had a system repeatedly fail on port 443. My NR array shows negative, but is back-revved to 3.1(2)S27 (due to recent long-term maintenance just completed) and shows no activity. I will have my sensors up to the new service pack this morning, but I need to know what to look for. Is this covered in these sigs (since the vulnerability was discovered in July), and if so, which one is it? Otherwise, can you publish a manual signature?

Very many thanks!

1 REPLY
Bronze

Re: CERT/CC CA-2002-27 Apache/mod_ssl worm

We are working on this and will hopefully have signature coverage shortly. Stay tuned.

99
Views
0
Helpful
1
Replies
CreatePlease to create content