search for: admw0rm

For all of us who don't regularly read the BUGTRAQ list and, like me :-( , tend to forget: [mod: Like me :-( -- REW] It has been pointed out, on a mail to BUGTRAQ, that the ADMw0rm is pretty old stuff, already reported by CERT: http://www.cert.org/advisories/CA-98.05.bind_problems.html Searchable BUGTRAQ archives are available (also?) at http://www.geek-girl.com/bugtraq/index.html Cheers, Sergio --------------------------------------------------------------------------...

On Fri, 26 Mar 1999, Thomas Biege wrote: > Date: Fri, 26 Mar 1999 09:34:10 +0100 (MET) > From: Thomas Biege <thomas@suse.de> > To: Jan-Philip Velders <jpv@jvelders.tn.tudelft.nl> > Cc: linux-security@redhat.com > Subject: Re: [Security - intern] [linux-security] *ALERT*: ADM Worm. Worm for Linux x86 found in wild. > The worm just exploits old security holes, so

Hi, some more info on the previous admw0rm alert. Fwd'd from BugTraq Greetings, Jan-Philip Velders ---------- Forwarded message ---------- Date: Fri, 26 Mar 1999 21:17:40 +0100 From: Mixter <mixter@HOME.POPMAIL.COM> To: BUGTRAQ@NETSPACE.ORG Subject: Re: ADM Worm. Worm for Linux x86 found in wild. The "ADM w0rm" is pub...

...es portscanning one of their subnets. Subsequent investigation found that a worm had infected the offending box and was attempting to propagate itself. 2. Further info The worm seems to be a few binaries working together with some bourne shell scripts. The main file seems to be one called "admw0rm," which is a shell script and not a binary. Identifying strings found in the files include: -----admw0rm----- #!/bin/sh # ADM Inet w0rm # Linux X86 spef.. anyway it's my first w0rm :) # ver 0.1 # i'm not responsable of the usage of diz w0rm !!! # greetz: to all blondes with the...

Someone I was speaking with this evening claimed they have installed the latest named rpms yet they are still getting exploited daily and being hacked. Do the latest rpm''s for the named 4.9.x stuff fix all the root exploits or is this person just an idiot who probably has holes elsewhere in the system?