Apache worm spreading

Zardon · Jun 29, 2002, 11:34 PM

Security experts are rushing to decode a worm program that exploits a 2-week-old flaw to infect computers running vulnerable versions of the popular open-source Apache Web server application.
The worm is thought to be capable of spreading only to Web servers running the FreeBSD operating system, an open-source variant of Unix, that haven't had a patch applied for the recent flaw. Although few people have reported the worm, it is thought to be infecting vulnerable Web servers worldwide.

"It is spreading," said Domas Mituzas, a systems developer for Baltic information-technology firm Microlink Systems and the first to report the new worm. "It hit us from Poland, and the comments are in Italian, so it could be from any part of the world."

From his early analysis of the worm, the 19-year-old Lithuanian programmer believes it was designed to create a flood net--a collection of compromised servers that can be used in a denial-of-service attack to overwhelm a target with data.

Full story <a target="_blank" href="http://news.com.com/2100-1001-940585.html?tag=fd_top">here</a>

UberLord · Jun 30, 2002, 06:03 PM

Goes to show that Open Source products can have security flaws - the difference compared to Closed Source counter-parts is that the turn-around time for security fixes is normally much better. And a patch has been around for quite a while, so it's lazy sys admins to blame here.

Jun 29, 2002, 11:34 PM	#1
Zardon DriverHeaven Founder Join Date: May 2002 Posts: 32,480 Rep Power: 177	Apache worm spreading Security experts are rushing to decode a worm program that exploits a 2-week-old flaw to infect computers running vulnerable versions of the popular open-source Apache Web server application. The worm is thought to be capable of spreading only to Web servers running the FreeBSD operating system, an open-source variant of Unix, that haven't had a patch applied for the recent flaw. Although few people have reported the worm, it is thought to be infecting vulnerable Web servers worldwide. "It is spreading," said Domas Mituzas, a systems developer for Baltic information-technology firm Microlink Systems and the first to report the new worm. "It hit us from Poland, and the comments are in Italian, so it could be from any part of the world." From his early analysis of the worm, the 19-year-old Lithuanian programmer believes it was designed to create a flood net--a collection of compromised servers that can be used in a denial-of-service attack to overwhelm a target with data. Full story <a target="_blank" href="http://news.com.com/2100-1001-940585.html?tag=fd_top">here</a>

Jun 30, 2002, 06:03 PM	#2
UberLord A Legend in Underwear Join Date: May 2002 Location: Unknown Posts: 5,255 Rep Power: 70	Goes to show that Open Source products can have security flaws - the difference compared to Closed Source counter-parts is that the turn-around time for security fixes is normally much better. And a patch has been around for quite a while, so it's lazy sys admins to blame here. __________________ Gentoo Linux - Developer (baselayout) Read my blog "I contend that we are both atheists. I just believe in one fewer god than you do. When you understand why you dismiss all the other possible gods, you will understand why I dismiss yours." Stephen Roberts