12-27-2004, 10:55 PM
Mmmh...This is a rare occasion, a worm for UNIX? Interesting..... :D :D :D
euh ... it's nothing more then an automated File Inclusion Exploit. So it basically has nothing to do with the OS that is serving the PHP's, but with bad coding habits (aka dynamically including files like parsing links as
some brazilian kids seem to have finally heard about this 'vulnerability' and have released quite a few of such viri lately that are mainly targetting phpBB ...
12-28-2004, 10:47 PM
ah right...so it isnt as bad as it looks.
Anyhow, all Antivirus vendors, especially Symantec like to spice up the truth to encourage people to buy their products.
Still, you don't see many exploits around for unix nowadays...However, my Ikonboard forum software running on my website got hit a couple of months ago by some people called "Rebellious Fingers" - a pile of Brazillian (mmhm a connection?) kids who use old exploits in the Ikonboard forum software to gain entry to change your homepage.
Never know, there might be a connection. Did you hear that 29a closed down - no more proof of concept viruses then.