Virus writers have created a Linux worm which uses a recently discovered vulnerability in XML-RPC for PHP, a popular open source component used in many applications, to attack vulnerable systems.

XML-RPC for PHP features in many web application including PostNuke, Drupal, b2evolution, Xoops, WordPress, PHPGroupWare and TikiWiki. Most of these applications have been updated to address the security flaw.

But unpatched systems are at risk from a Linux worm - called Lupper - which exploits the bug to load itself onto vulnerable systems. Anti-virus firms report few reports of the malware which is noteworthy mainly because of the rarity of malware strains targeting Linux systems rather than its risk factor, which is low.

SAN's Internet Storm Centre has a comprehensive technical description of the threat (such as it is) here. ®

Related stories

• WordPress update kyboshes XSS flaw (27 November 2008)
• Hackers plant backdoor in blogging software (5 March 2007)
• Tech companies unite to buy up Linux patents (10 November 2005)
• Shout goes out over PHP security bugs (1 November 2005)
• MS axes Unix anti-virus sales after bagging Sybari (22 June 2005)
• Santy worm defaces thousands of sites (21 December 2004)
• Security Report: Windows vs Linux (22 October 2004)
• Slapper Worm brought to heel (26 September 2002)
• Slapper worm spanks Apache servers (16 September 2002)