Security Incidents mailing list archives

FW: Apache worm in the wild

From: <suniljames () hotmail com>
Date: 28 Jun 2002 17:21:35 -0000

In-Reply-To: <Pine.LNX.4.44.0206281205360.28076-100000 () blackavar com>

Has anyone seen anything in relation to this?

Thanks,

Sunil


-------Original Message-----
From: Domas Mituzas [mailto:domas.mituzas () microlink lt]
Sent: Friday, June 28, 2002 7:02 AM
To: freebsd-security () freebsd org
Cc: bugtraq () securityfocus com; os_bsd () konferencijos lt
Subject: Apache worm in the wild


Hi,

our honeypot systems trapped new apache worm(+trojan) in the wild. It
traverses through the net, and installs itself on all vulnerable apaches
it finds. No source code available yet, but I put the binaries into public
place, and more investigation is to be done.

http://dammit.lt/apache-worm/

Regards,
Domas Mituzas

Central systems @ MicroLink Data

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

FW: Apache worm in the wild suniljames (Jun 28)
- Re: FW: Apache worm in the wild Skip Carter (Jun 28)