Language Selection

English French German Italian Portuguese Spanish

Linux/Lupper.worm rears its ugly head

Filed under
Security

This worm spreads by exploiting web servers hosting vulnerable PHP/CGI scripts. It is a modified derivative of the Linux/Slapper and BSD/Scalper worms from which it inherits the propagation strategy. It scans an entire class B subnet created by randomly choosing the first byte from an hard-coded list of A classes and randomly generating the second byte.

The worm blindly attacks web servers by sending malicious http requests on port 80. If the target server is running one of the vulnerable scripts at specific URLs and is configured to permit external shell commands and remote file download in the PHP/CGI environment, a copy of the worm could be downloaded and executed.

Like its precedents, the infected computers form a global network of compromised servers based on peer to peer communication principles. This network can be used, for example, for Distributed Denial of Service (DDoS) attacks or other purposes because it can accept remote commands. It is also capable of harvesting email addresses stored in files on the web server.

More Details.

More in Tux Machines

Development News

  • KDevelop 5.0.3 Open-Source IDE Improves GitHub Handling Authentication, More
    The development behind the open-source and cross-platform KDevelop IDE (Integrated Development Environment) was proud to announce on the first day of December the availability of the third point release for KDevelop 5.0 stable series. KDevelop 5.0.3 arrives one and a half months after the second maintenance update, but it's a small bugfix release that attempts to patch a total of nine issues reported by users since then. However, it's a recommended update for all users. "We are happy to announce the release of KDevelop 5.0.3, the third bugfix and stabilization release for KDevelop 5.0. An upgrade to 5.0.3 is strongly recommended to all users of 5.0.0, 5.0.1 or 5.0.2," reads the release announcement.
  • PHP 7.1.0
    The PHP development team announces the immediate availability of PHP 7.1.0.
  • PHP 7.1 Makes Its Debut
    This first major update to last year's huge PHP 7.0 release builds several new features on top. Introduced by PHP 7.1 is nullable types, a void return type, a iterable pseudo-type, class constant visibility modifiers, support for catching multiple exception types, and many other language enhancements plus more performance optimizations and other work.

Games for GNU/Linux

OSS Leftovers

SUSE Leftovers

  • openSUSE Tumbleweed – Review of the Week 2016/48
    After releasing daily snapshots without interruption for 17 days, Tumbleweed did slow down a bit during the last week. As already mentioned in my last review, 1124 had been canceled due to an issue with sddm installing strange branding configurations. And later on, we ‘broke’ our own staging setup and needed to bootstrap a few of them, making the throughput much lower than you were used to. So, we ended up with 3 snapshots since my last review: 1125, 1128 and 1129.
  • Highlights of YaST development sprint 28
    November is over, Santa Claus elves start to stress and the YaST team brings you one of the last reports of 2016. Let’s see what’s new in YaSTland.