Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.

Peer to peer WORM napada LINUX APACHE servere!?

[es] :: Security :: Peer to peer WORM napada LINUX APACHE servere!?

[ Pregleda: 5380 | Odgovora: 2 ] > FB > Twit

Postavi temu Odgovori

Autor

Pretraga teme: Traži
Markiranje Štampanje RSS

Gojko Vujovic
Amsterdam, NL

Administrator
Član broj: 1
Poruke: 13651



+164 Profil

icon Peer to peer WORM napada LINUX APACHE servere!?16.09.2002. u 15:22 - pre 242 meseci
http://www.nwfusion.com/news/2002/0913p2pworm.html

By Ellen Messmer
Network World Fusion
09/13/02

A computer worm dubbed Linux.Slapper.Worm has started to spread on the
Internet by exploiting the Linux Apache Web server vulnerabilities
that are related to the OpenSSL protocol. The vulnerabilities were
first detailed July 30 by The OpenSSL Group.

According to antivirus firm Symantec, the Linux.Slapper.Worm is the
first worm to make use of peer-to-peer networking technology, which
has allowed infected servers to maintain contact. This would
potentially give a hacker control of a constellation of infected
boxes.

The worm, which is still being analyzed, can capture e-mail addresses
and could potentially do greater harm, says Oliver Friedrichs, senior
manager at the Symantec Security response division. Symantec said that
on Friday there were at least 2,000 infections from the worm, which
was first reported in Portugal and Romania.

The worm can infect Linux servers from companies such as Red Hat,
Mandrake, Caldera, Slackware and Debian that have not been upgraded to
the 0.9.6g version of the OpenSSL Group's software for Secure Sockets
Layer. That upgrade fixes the vulnerabilities detailed on July 30.

The worm is raising particular concern because "it has its own
peer-to-peer networking protocol," said Friedrichs. "Potentially,
someone can inject a command into the peer-to-peer network and send it
to the compromised hosts."

Symantec is still examining the Linux.Slapper.Worm to better
understand how dangerous it is. The worm spreads like the well-known
Nimda worm, which started a year ago, by scanning. That scanning
activity might result in some denial-of-service problems.

But unlike Nimda, which is still active and infects vulnerable
Microsoft Internet Information Servers, the Linux.Slapper.Worm is said
to go one step further and set up links among the Linux machines it
infects. Symantec said it intends to issue periodic updates on what it
discovers about Linux.Slapper.Worm.
 
Odgovor na temu

Gojko Vujovic
Amsterdam, NL

Administrator
Član broj: 1
Poruke: 13651



+164 Profil

icon Re: Peer to peer WORM napada LINUX APACHE servere!?16.09.2002. u 15:37 - pre 242 meseci
 
Odgovor na temu

Gojko Vujovic
Amsterdam, NL

Administrator
Član broj: 1
Poruke: 13651



+164 Profil

icon Re: Peer to peer WORM napada LINUX APACHE servere!?16.09.2002. u 15:39 - pre 242 meseci
Po navodima f-secure.com, 2002-09-16 u 11:40 GMT bilo je 11249 inficiranih hostova.

Vise o ovome:

http://www.cert.org/advisories/CA-2002-23.html
http://www.openssl.org/news/secadv_20020730.txt
http://www.debian.org/security/2002/dsa-136
http://www.mandrakelinux.com/en/security/2002/MDKSA-2002-046.php
http://rhn.redhat.com/errata/RHSA-2002-155.html
http://www.suse.com/de/security/2002_027_openssl.html
 
Odgovor na temu

[es] :: Security :: Peer to peer WORM napada LINUX APACHE servere!?

[ Pregleda: 5380 | Odgovora: 2 ] > FB > Twit

Postavi temu Odgovori

Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.