How is this a GNU/Linux Worm?

Posted by tadelste on Feb 21, 2006 7:28 AM EDT
Lxer.com; By cgagnon, AnomymousCoward and wjl
Mail this story
Print this story

Comment(s) of the Day - February 21, 2006

cgagnon writes: Although not easily (my supposition based on information on the net...I don't do windows), php runs under windows and I would hazard a guess that the Mambo CMS would as well. So how is this deemed a GNU/Linux worm?

Then comes the next comment? Hmmm - PHP Version 1.x?

Connected to:
Linux worm turns on Mambo and PHP

AnomymousCoward replies:

'Coz we're special. (-:

Nothing ever happens to us, so when something can be connected with Linux, it is. Sensationalism, of a kind.



Ah! There's the connection: the exploit was compiled with gcc.

What can I say? It's about time: we've gone years without significant security excitement, now we've got something to do... if we run Mambo (I don't) and XML-RPC for PHP (I don't). Oh, well, back to twiddling thumbs, I guess...



Sorry, forgot to mention: if you update your Linux system once a year, you will be invulnerable to this even if you're running the applications in question. The most recent vuln was Jul 2005, the other was Feb 2005.

Call me paranoid, but I cron my updates in nightly.



wjl then writes: Hmmm - PHP Version 1.x?



Who is using that anyway?

Looks a bit like putting fuel into the fire to me...

AnonymousCoward replies: No, XML-RPC version 1.x for PHP.

  Nav
» Read more about: Story Type: LXer Features

« Return to the newswire homepage

Subject Topic Starter Replies Views Last Post
It is a Linux worm because... AnonymousCoward 0 1,770 Feb 21, 2006 2:03 PM

You cannot post until you login.