Security Incidents mailing list archives
Re: FW: Apache worm in the wild
From: Skip Carter <skip () taygeta com>
Date: Fri, 28 Jun 2002 11:32:13 -0700
-------Original Message----- From: Domas Mituzas [mailto:domas.mituzas () microlink lt] Sent: Friday, June 28, 2002 7:02 AM To: freebsd-security () freebsd org Cc: bugtraq () securityfocus com; os_bsd () konferencijos lt Subject: Apache worm in the wild Hi, our honeypot systems trapped new apache worm(+trojan) in the wild. It traverses through the net, and installs itself on all vulnerable apaches it finds. No source code available yet, but I put the binaries into public place, and more investigation is to be done. http://dammit.lt/apache-worm/
Looks like you should check out what is in /bin/.log -- Dr. Everett (Skip) Carter Phone: 831-641-0645 FAX: 831-641-0647 Taygeta Scientific Inc. INTERNET: skip () taygeta com 1340 Munras Ave., Suite 314 WWW: http://www.taygeta.com Monterey, CA. 93940 ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- FW: Apache worm in the wild suniljames (Jun 28)
- Re: FW: Apache worm in the wild Skip Carter (Jun 28)