http://lwn.net/Articles/159044/
Anyone know anybody who has actually been hit by this? People have been trying to make Linux worms/viruses for years. It is interesting that this one seems to have hit enough people to have been noticed by McAfee. It seems to affect only people who have installed php stuff that exposes them to a PHP XML-RPC vulnerability. Seems like PHP stuff in general has had lots of security problems over the years. Anyone running SE Linux (default on RH/Fedora systems these days) should not be vulnerable to this thing since cgi apps from the cgi-bin dir are not allowed to bind to ports. -- Tracy R Reed http://copilotconsulting.com -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
