Linux worm targets PHP based application

by admin on November 8, 2005 · 0 comments

in Hakuna matata

There is news of a worm which uses a vulnerability in the PHPXMLRPC libraries to spread a computer virus. It is called as Linux/Lupper.worm. This is not just Linux or BSD specific it would affect anything that use the PHP. McAfee reports that

This worm spreads by exploiting web servers hosting vulnerable PHP/CGI scripts. It is a modified derivative of the Linux/Slapper and BSD/Scalper worms from which it inherits the propagation strategy. It scans an entire class B subnet created by randomly choosing the first byte from an hard-coded list of A classes and randomly generating the second byte.

WordPress blog software is secure from this attack :D Read the McAfee report here. More coverage is here and here.

Previous post:

Next post: