Linux Worm Exploits PHP XMLRPC Vulnerability

Linux Worm Exploits PHP XMLRPC Vulnerability

Linux News

Pro Blogging News

RELATED NEWS

Samsung SCX-3201 Laser Printer Specification and Price

How to Backup & Restore Firefox Preferences?

Google Official Offers $1000 For Kinect Hack

HP Mini 1103: Specifications & Features

Wipro Infocrossing to set up new data centre in US

HP Mini 1103: A Quick Look at the Budget Business Laptop

Kinect Can be Used as 3D Video Tool: Ahoy 3D Videographers!

How To Break Into Any Password Protected Windows/Mac Computers

Top 5 Best Popular Linux Distributions

How to Make Wine Apps Match Your GTK Theme

By Angsuman Chakraborty, Gaea News Network
Wednesday, November 9, 2005

There are few reports of an attack by a new Linux worm called Lupper which exploits a well known PHP XMLRPC implementation vulnerability.

PHP XMLRPC implementation is used in a large number of popular web applications such as PostNuke, Drupal, b2evolution, Xoops, PHPGroupWare, TikiWiki etc.

Most of these packages have updated to provide a patch for the XMLRPC for PHP vulnerability.

If you are still running an old version, you should get it updated immediately.

WordPress 1.5 or higher is safe from this worm. Since the release of version 1.5, WordPress has used a completely different XML-RPC library, called IXR.

From the submitted logs, it attempts to wget a remote access Trojan from one system and using the Trojan to try to connect to another site via port 8080.

The risk factor is low so far. It is however interesting as it is the first known case of exploitation of the vulnerability as a worm.

Link

NAME :	(REQUIRED)
MAIL :	(REQUIRED) will not be displayed
WEBSITE :	(OPTIONAL)

YOUR COMMENT :
	Submit Notify me of followup comments via e-mail

Older News