10 of 15Image
The other OpenSSL problem
Ten to fifteen years ago, before there was awareness enough to create Heartbleed-level hysteria, some really horrible vulnerabilities in really important software would go relatively unnoticed.
CVE-2002-0656 is one of a few remote code execution vulnerabilities from that era in Apache web servers and OpenSSL — yes, the same OpenSSL implicated in Heartbleed. It was found by well-known researcher Alexander Sotirov who demonstrated how to use it to gain a shell, meaning code execution capability, on Apache/OpenSSL web servers and a root shell on some servers.
billy gates why do you make this possible ?
Blaster, also known as MSblast, LovSAN and a few other names, was the first of a series of persistent worms using remotely-exploitable Windows vulnerabilities to spread. Microsoft first released the update for the vulnerability used by it in July of 2003 and everyone knew the race was on to create a worm with the flaw, a buffer overflow in the DCOM RPC procedures, a protocol for remote program calls over the network.
Blaster appeared first in August. The Chinese authors of the A variant built it by reverse-engineering the Windows patch. The executable contained many inexplicable and taunting statements, such as the one pictured here. Blaster was buggy and frequently caused system shutdowns.
Unusually for these things, the author of the B variant was caught. He was an 18 year old from Minnesota and he received an 18 month prison sentence.
Sasser, the buggy botnet
MS04-011 was one of those "uh-oh" Patch Tuesday releases. Experts looked at CAN-2003-0533 ("a Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME") and immediately knew a worm was on its way.
Blaster had paved this trail months before and Sasser followed the script. By the end of the month that worm, Sasser, appeared on the scene. Sasser was also distinguished by its bugginess. It caused system shutdowns of the sort pictured here.
Just as with Blaster, the author of Sasser, an 18 year-old German, was caught. Because he was a minor when he wrote it he was treated as one and received a suspended sentence.