Linux Lupper.Worm In the WIld 363
jurt1235 writes "McAfee reports that a Linux worm has been found in the wild. The Linux/Lupper.worm is a derivative of the Linux/Slapper worm which also exists for BSD, just to be crossplatform. From the McAfee description: The worm blindly attacks web servers by sending malicious http requests on port 80. If the target server is running one of the vulnerable scripts at specific URLs and is configured to permit external shell commands and remote file download in the PHP/CGI environment, a copy of the worm could be downloaded and executed."
CONTINUE: (Score:5, Funny)
p.s. BURN KARMA BURN!
Complete infection (Score:5, Funny)
Before all teh MSFT fanboys jump on this, (Score:5, Funny)
IF you run a specific kernel version with some special module
AND you run one of a couple specific versions of one package not installed by default
AND you have a very "generic" config on that package
AND you have some plugins enabled, but not configured for security
AND you are on a world routable IP address
AND you have some specific vulnerable scripts,
THEN you might need to take a look at if you are at risk.
Paraphrased from the virus description of most MSFT worms:
IF you run an MSFT operating system
AND you havent reformated your HDD in the lsat hour
THEN its time to pucker up and kiss the sucker goodbye..
-GenTimJS
Re:CONTINUE: (Score:2, Funny)
And I'm sure this worm was written by a Microsoftie or possibly by Bill Gates himself.
I'm not worried... (Score:5, Funny)
Linux/BSD only (Score:4, Funny)
It is rumored that you can obtain the same level of compatibility with the Cygwin Suite, but that is not an officially supported configuration by Microsoft.
Never fear, though, Monad will bring Lupper, and similar PHP/Shell script worms to the Windows platform for the masses!
Seriously, though; isn't everyone fairly aware that PHP ain't that secure?
Re:Conditions for infection... (Score:5, Funny)
SCNR
Re:I'm not worried... (Score:4, Funny)
Yes, if your luck with PHP on linux is like mine, you'll have to resolve dependencies for about 15 minutes first
-WS
Gnu! (Score:5, Funny)
clearly a violation (Score:4, Funny)
Re:if it attacks PHP cross-platform... (Score:1, Funny)
No, there aren't. Primarily because "virii" IS NOT A WORD YOU TWIT!
Re:Remarkably Useless page. (Score:5, Funny)
I'll tell you what, anyone wants some practice exploiting the hole, here's the IP address of a vulnerable machine to practice on: http://127.0.0.1/ [127.0.0.1]
Knock yourselves out :-)
Re:I'm not worried... (Score:4, Funny)
Re:Remarkably Useless page. (Score:5, Funny)
They are just now discovering this??? (Score:3, Funny)
Between this and the SSH worm, maybe its time to investigate using Windows ME with Personal Web Server.
Re:CONTINUE: (Score:3, Funny)