Symantec Researchers Warn of New Linux Worm


For many of us who run Linux, one of the attractions to doing so is being relatively free of security threats and malware. Every once in a while, though, a notable threat does target Linux, and Symantec researchers have ssued an advisory warning of a new worm that targets not only Linux-based computers but many kinds of devices that include Linux, including some routers and set-top boxes. The worm, Linux.Darlloz, exploits a PHP vulnerability to propagate itself.

According to security researcher Kaoru Hayashi:

“The worm utilizes the PHP ‘php-cgi’ Information Disclosure Vulnerability (CVE-2012-1823), which is an old vulnerability that was patched in May 2012. The attacker recently created the worm based on the Proof of Concept (PoC) code released in late Oct 2013.”


Read more at Ostatic