Lupper Worm Targets Linux
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Y! MyWeb
Share:
Sponsors:
By Nancy Weil, IDG News Service
A worm that affects
Linux systems and spreads by exploiting Web server-related vulnerabilities has been reported by antivirus companies, but so far Linux.Plupii, which is also known as Lupper, hasn't spread much and isn't seen as much of a threat.
Linux users should update antivirus software and patches to protect against the worm, say representatives of the major antivirus product vendors said. Both McAfee and Symantec have updated their software to identify and stop the worm.
Information about the worm can be found at McAfee's Web site and also from Symantec.
How Worm Works
The worm spreads by exploiting Web servers hosting vulnerable PHP/CGI programming language scripts, according to McAfee. The worm is a derivative of the Linux/Slapper and BSD/Scalper worms from which it has taken its propagation strategy, McAfee said in information provided on its Web site about the worm, which was discovered Sunday.
The worm attacks Web servers by sending malicious Hypertext Transfer Protocol (HTTP) requests on port 80, McAfee said. If the server being targeted is running a vulnerable script at certain URLs and is configured to permit external shell commands and remote file download in PHP/CGI the worm could be downloaded and executed, McAfee said. It can also harvest e-mail addresses stored in Web server files.
The worm opens a back door on a compromised computer and then generates URLs to scan for other computers to infect and that can affect network performance, according to Symantec.
Symantec rates the worm as having a medium damage and distribution threat. As of Tuesday morning, it hadn't spread much and Symantec said it is easy both to contain and remove. McAfee assessed it as a low threat for both corporate and home users.
Article submitted by: Webshark
Last Update: 11-08-2005
Category: Off Topic Info
A worm that affects
Linux systems and spreads by exploiting Web server-related vulnerabilities has been reported by antivirus companies, but so far Linux.Plupii, which is also known as Lupper, hasn't spread much and isn't seen as much of a threat.
Linux users should update antivirus software and patches to protect against the worm, say representatives of the major antivirus product vendors said. Both McAfee and Symantec have updated their software to identify and stop the worm.
Information about the worm can be found at McAfee's Web site and also from Symantec.
How Worm Works
The worm spreads by exploiting Web servers hosting vulnerable PHP/CGI programming language scripts, according to McAfee. The worm is a derivative of the Linux/Slapper and BSD/Scalper worms from which it has taken its propagation strategy, McAfee said in information provided on its Web site about the worm, which was discovered Sunday.
The worm attacks Web servers by sending malicious Hypertext Transfer Protocol (HTTP) requests on port 80, McAfee said. If the server being targeted is running a vulnerable script at certain URLs and is configured to permit external shell commands and remote file download in PHP/CGI the worm could be downloaded and executed, McAfee said. It can also harvest e-mail addresses stored in Web server files.
The worm opens a back door on a compromised computer and then generates URLs to scan for other computers to infect and that can affect network performance, according to Symantec.
Symantec rates the worm as having a medium damage and distribution threat. As of Tuesday morning, it hadn't spread much and Symantec said it is easy both to contain and remove. McAfee assessed it as a low threat for both corporate and home users.
Article submitted by: Webshark
Last Update: 11-08-2005
Category: Off Topic Info
Current rating: 5.5 by 38 users
| Would you recommend this article to a friend? |
| Not a Chance | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | Absolutely |
Related News Stories
(15,152 reads) 03-29-2007
· Adobe Photoshop CS3 published(13,140 reads) 08-03-2006
· FBI calls for hacker help.(14,969 reads) 07-20-2006
· Become a Friend of Firefox.(12,732 reads) 07-15-2006
· Recently unearthed e-mail reveals what life was like in 1995(14,559 reads) 02-23-2006
· Inside Windows Vista ( Build 5308) + slide show(13,261 reads) 02-21-2006
· do-you-have-a.COM ? thinking-to-buy-a.COM ?(13,434 reads) 01-17-2006
· Websites judged in milliseconds(14,024 reads) 01-17-2006
· Stolen Corvette found after 37 years (Reuters)(13,634 reads) 01-17-2006
· Two patients in surgical slip-up (Reuters)(13,025 reads) 01-17-2006
· Goose Poop a Problem for Oakland Parkgoers (AP)
Please register or sign-in to post comments.