[ILUG] serious linux worm on the loose

I haven’t seen this hit the mainstream press, or slashdot or anywhere yet. It could be some obvious hole missed while configuring these Red Hat 7.3 boxes but I’m worried. 8 Red Hat 7.3 boxes were broken into and rooted. John doesn’t know how they were cracked, almost missed it but thinks it might be a worm mentioned in Phrack a while back..
I checked my own Red Hat 7.3 boxes and they appear to be fine but given the nature of the worm, it won’t be easy to find without shutting down first.

2 thoughts on “[ILUG] serious linux worm on the loose

  1. As John mentioned in his mail, some were up to date RH7.3 boxes, some weren’t. He doesn’t know how the boxes were infected, although the Phrack article mentions a vulnerability in PHP. Another weblog bemoaned Red Hat for not updating their PHP rpms so that could be related..

Leave a Reply

%d bloggers like this:

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.