Internet ne'er do wells have created a Linux worm which uses a recently discovered vulnerability in XML-RPC for PHP, a popular open source component used in many applications, to attack vulnerable systems. The Mare-D worm also tries to take advantage of a security flaw in Mambo to spread. If successful, the worm installs an IRC-controlled backdoor on compromised systems.
Most affected applications have been updated to address the security flaw exploited by Mare-D, which anti-virus firms rate as a low risk. The malware is noteworthy mainly because of the rarity of malware strains targeting Linux systems rather than the minimal threat is poses. ®