[ news_security_news ]
New Mare Kicks At Linux
John Stith
Staff Writer
2006-02-20
 Insider Reports RSS Feed
Much attention is going to other viral issues on other operating systems right now. That doesn't mean operating systems like Linux don't feel the love because it does. The delightfully well-received Mare family of worms has yet another offspring and this one exploits a vulnerability in Mambo.
According to F-Secure's bulletin:
Mare.D is a network worm that propagates by exploiting vulnerabilities in the Mambo content management system and the PHP XML-RPC library. The worm installs several backdoors to the compromised system.
The kick in this Mare comes in the form of several backdoors into the infected system. Two of them are connectback shell backdoors that hook up to a remote host on 8080/TCP and open an interactive shell on the infected host. The third is an IRC-controlled backdoor, written in Perl, and waits for marching orders. Apparently, the primary part of the worm can listen in through a 27015/UDP port. Then the attack can do all kinds of naughty things.
Once again, it's always a good idea to keep up the software updates and patches for both security and the OS. That's the best way, other than not turning on your computer to preventing these viruses.
Add to | DiggThis| Yahoo My Web
About the Author:
John is a staff writer for SecurityProNews covering cyber security.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
