Operating Systems > Linux and UNIX

Another Linux worm surfaces

(1/3) > >>

slave:
http://www.theage.com.au/articles/2002/10/08/1033538931238.html

October 8 2002

"Another Linux worm, known as Mighty, is making the rounds, according to information available from Russian anti-virus vendor Kasperksy Labs.

Kaspersky Labs has so far registered over 1,600 infected systems worldwide.

Mighty uses the same vulnerability in OpenSSL that the Slapper worm and its variants, Slapper.B and Slapper.C used and spreads in similar ways with some differences.

Mighty has the same source code spreading method as Slapper: to ensure compatibility with all versions of OpenSSL, but one of the worm's components (sslx.c, which is responsible for penetration via the security system vulnerability) does a fresh recompile on each computer.

Mighty also sets up a backdoor utility (designed to gain unauthorised control) which connects to one of the remote IRC channels from where an attacker can operate. It can this leak out information, corrupt data, and use infected machines to conduct distributed denial of service attacks."

this OpenSSL vulnerability has been around for quite a while now!  I guess some Linux users are as bad at updating their systems reguarly as Windows users are.

Master of Reality:
all ya gotta do is upgrade OpenSSL and you will be fine.

pkd_lives:
The Patch for the vulnerability was released a while ago.

voidmain:
Let's see, we have two Windows geeks here and every time a new Linux vulnerability comes out they both have to post it. Geez if we started posting every Windows vulnerability the web master would have to get some more disk drives to hold the database.

zooloo:
When there is a Linux vulnerability the whole community shouts about it from the roof tops.

When there is an MS vulnerability they deny that any such thing is possible, then blame the users for not updating.

Sure shit happens, but it's what you do about it that counts - the Linux community seems to take pride in fixing bugs etc.  Meanwhile MS fudge it, take ages to sort out the problem and then they act like they are doing the users some kind of favour.

I know where my business is going to.

Navigation

[0] Message Index

[#] Next page

Go to full version