Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linux Worm Spreading, Many Systems Vulnerable

Posted by timothy on from the patchy-patchy dept.

sverrehu writes "A GNU/Linux worm exploiting a bug in OpenSSL spreads through vulnerable Apache web servers, according to Symantec. The worm, which was first reported in Europe, targets several popular Linux distributions. See also the SecurityFocus vulnerability listing for the OpenSSL bug." sionide also writes: "Netcraft recently published a report which explains that a large portion of Apache systems are still unpatched (halfway down). To protect yourself please upgrade to OpenSSL 0.9.6g."

6 of 546 comments (clear)

  1. Finally by SpanishInquisition · · Score: 5, Funny

    Linux can compete with Microsoft.

    --
    Je t'aime Stéphanie
  2. Apache/BSD/Linux not GNU/Linux by GodWasAnAlien · · Score: 2, Funny

    In this case at the very least, you should call
    such a system Apache/BSD/GNU/Linux, not just GNU/Linux. for obvious reasons.

  3. Re:Linux is losing an important edge by madenosine · · Score: 5, Funny

    it was only a matter of time before hackers showed an interest in this OS

    hackers? interested in linux?! no way!

    ...it had to be said

  4. Re:Competence closes this hole too... by Anonymous Coward · · Score: 1, Funny

    What planet do you come from?

    Who the f changes permissions on gcc so only root can run it?

    I suppose you ./configure everything as root, be sure to go out and download trojaned copies of BitchX and fragroute while you are at it.

    And your 'run httpd as someone else' helps a whole lot when most of the content served by a webserver can typically be owned by the same user. Doesn't take much work to find out where files are at and destroy them. The program also communicates on 2002/udp, so it matters not what user ran the exploit.

    I can't imagine there's a single person out there with the User/Group directives set to root, but you still have to start it as root.

    Geez.

  5. They only hack the ones they LOVE!! by Proudrooster · · Score: 2, Funny

    When hackers stop bothering to hack your software, it is a sign that their love for you has grown cold and you are now irrelevant. Has anyone hacked Novell lately? :)

    To be truly loved is to get hacked! Someone out there must really love Microsoft, but I am glad they are starting to share the love with the Open Source community more and more. It is a sign that the love for Microsoft may be starting to fade or maybe hackers are just plain sick of "shooting fish" in the idomatic barrel.

    Either way, I am going to go block UDP on port 2002 on the fw/router and mumble to myself about buffer overflows.

  6. Re:Glad to see Redhat helping out...themselves by zulux · · Score: 3, Funny

    Microsoft doesn't charge for updates, patches, and service packs.

    Funny that, I thought I paid Microsoft $135 for Windows 98. Perhaps I'm just imaging it. Oh well, I look forward to receiving the free versions of Windows that you seem to think are out there.

    Oh wait. Then I realise that your just full of BS. Hell, even Office 2000 SP2 disables installations of Office 2000 that are useing known "pirated" instalation keys. So much for "free."

    Jesus, I just drank half a bottle of wine, fucked my girfriend, fired up the Thinkpad and noticed your BS, and I still make more sense than you.

    --

    Moneyed corporations, non-working 'poor' and criminal prisoners are turning productive citizens into tax-slaves.