Internet ne'er do wells have created a Linux worm which uses a recently discovered vulnerability in XML-RPC for PHP, a popular open source component used in many applications, to attack vulnerable systems. The Mare-D worm also tries to take advantage of a security flaw in Mambo to spread. If successful, the worm installs an IRC-controlled backdoor on compromised systems.

Most affected applications have been updated to address the security flaw exploited by Mare-D, which anti-virus firms rate as a low risk. The malware is noteworthy mainly because of the rarity of malware strains targeting Linux systems rather than the minimal threat is poses. ®

Related stories

• Month of PHP bugs project launches (5 March 2007)
• PHP security under scrutiny (21 December 2006)
• X marks the bug (3 May 2006)
• Homeland Security report tracks down rogue open source code (3 March 2006)
• Open source ID management puts users in control (28 February 2006)
• Windows beats Linux - Unix on vulnerabilities - CERT (5 January 2006)
• Analysis Anatomy of a failed virus attack (6 December 2005)
• Red Hat holes less severe than Windows - study (27 July 2005)
• Hackers plot to create massive botnet (3 June 2005)
• MySQL worm attacks Windows servers (28 January 2005)