Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linux Lupper.Worm In the WIld

Posted by CmdrTaco on from the inching-its-way-around-the-net dept.

jurt1235 writes "McAfee reports that a Linux worm has been found in the wild. The Linux/Lupper.worm is a derivative of the Linux/Slapper worm which also exists for BSD, just to be crossplatform. From the McAfee description: The worm blindly attacks web servers by sending malicious http requests on port 80. If the target server is running one of the vulnerable scripts at specific URLs and is configured to permit external shell commands and remote file download in the PHP/CGI environment, a copy of the worm could be downloaded and executed."

2 of 363 comments (clear)

  1. Remarkably Useless page. by Short+Circuit · · Score: 5, Interesting
    First, what vulnerability does it exploit? I wasn't able to find any decent info on Linux/Slapper, and that's all it references.

    Second, how do you remove it? Quoth the page:
    Removal Instructions
    AVERT recommends to always use latest DATs and engine . This threat will be cleaned if you have this combination.

    Additional Windows ME/XP removal considerations

    --
    tasks(723) drafts(105) languages(484) examples(29106)
  2. Too many ifs by SolitaryMan · · Score: 5, Interesting

    If the target server is running one of the vulnerable scripts at specific URLs and is configured to permit external shell commands and remote file download in the PHP/CGI environment ...

    which in practice means that your admin have died a couple of years ago but was never replaced.

    --
    May Peace Prevail On Earth