http://news.com.com/2100-1001-940989.html?tag=fd_top By Robert Lemos Staff Writer, CNET News.com July 1, 2002, 1:45 PM PT A program designed to infect vulnerable computers running the open-source Apache Web server application apparently hasn't made it very far, security experts said Monday. As first reported by CNET News.com, the Apache worm infects unpatched servers running the FreeBSD operating system, an open-source variant of Unix, and the Apache Web software. Despite initial reports that the worm had spread to some servers, consultants and antivirus experts haven't seen much activity. "It's pretty much dead," said Marc Maiffret, chief hacking officer for network-protection company eEye Digital Security. "We haven't seen anything." At least one computer appears to have been infected, however. The Apache worm compromised a server owned by Baltic information technology company Microlink Systems, Domas Matuzas, a Lithuanian programmer for the company, said Friday. The worm failed to do much--if any--damage over the weekend, however. "We received no in-the-wild submissions," said Carey Nachenberg, chief architect of the security response team for antivirus company Symantec. "It doesn't seem to be actively spreading." The company, which refers to the worm as FreeBSD.Scalper.Worm, rated the program a low Internet threat. "This specific implementation...it doesn't pose a large problem because of its focus," said Peter Szor, chief antivirus researcher for Symantec, pointing out that because the worm focuses on FreeBSD, a relatively minor player in the Unix world, few computers would be affected. However, there are indications that the flaw exploited by the worm appears in other platforms, which could mean the advent of more damaging worms. "It will become a bigger issue for sure," said Szor. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Jul 02 2002 - 05:08:52 PDT