Slashdot Mirror
Linux Lupper.Worm In the WIld
jurt1235 writes "McAfee reports that a Linux worm has been found in the wild. The Linux/Lupper.worm is a derivative of the Linux/Slapper worm which also exists for BSD, just to be crossplatform. From the McAfee description: The worm blindly attacks web servers by sending malicious http requests on port 80. If the target server is running one of the vulnerable scripts at specific URLs and is configured to permit external shell commands and remote file download in the PHP/CGI environment, a copy of the worm could be downloaded and executed."
HELLO WORLD
73019 73019
HELLO WORLD
63025 63025 17392 17392 14423 14423 20330 20330 10502 10502
39249 39249 11666 11666 92050 92050 31489 31489 12017 12017
91449 91449 71201 71201 95063 95063 67563 67563 79077 79077
51271 51271 99720 99720 86892 86892 72445 72445 87005 87005
14701 14701 93874 93874 05152 05152 76098 76098 60587 60587
83326 83326 05000 05000 75456 75456 19169 19169 71103 71103
29614 29614 33310 33310 21885 21885 38037 38037 72288 72288
30196 30196 92021 92021 40729 40729 81165 81165 55873 55873
78412 78412 60643 60643 73637 73637 06040 06040 57886 57886
09843 09843 83878 83878 47509 47509 53767 53767 63647 63647
54452 54452 51669 51669 20767 20767 96241 96241 72135 72135
92127 92127 52121 52121 76879 76879 25238 25238 42595 42595
08869 08869 21689 21689 16334 16334 77427 77427 56470 56470
50724 50724 49221 49221 30932 30932 39564 39564 19423 19423
13439 13439 67032 67032 05322 05322 40985 40985 90064 90064
94614 94614 99157 99157 20574 20574 59352 59352 79309 79309
48629 48629 31259 31259 26644 26644 58377 58377 73247 73247
55599 55599 34649 34649 55873 55873 61385 61385 19036 19036
92464 92464 03611 03611 09276 09276 77138 77138 87096 87096
70851 70851
K-BYE
I seem to recall a couple of Linux distros that DO install and run
a web browser the first time you log in. Definately Knoppix does,
(although it's Konquerer) and I think Ubuntu did as well.
I don't consider this a problem... just pointing it out.