When trying to infect Red Hat 6.2 systems, the worm will use the RPC.statd and wu-FTP flaws, according to an analysis completed by Daniel Martin, a Debian Linux developer. RPC.statd is one of several services that a Linux server can run . . .
When trying to infect Red Hat 6.2 systems, the worm will use the RPC.statd and wu-FTP flaws, according to an analysis completed by Daniel Martin, a Debian Linux developer. RPC.statd is one of several services that a Linux server can run to offer remote access using a common suite of programs known as remote procedure calls. Washington University's version of the common file server, known as wu-FTP, has a flaw that also allows access.

Both flaws appear in other distributions of Linux, including SuSE, Mandrake and Caldera. But because the worm limits itself to Red Hat servers, those distributions are not affected. Patches for both flaws have been readily available for more than six months.

The worm attempts to compromise Red Hat 7.0 systems by swamping the error logging function of the server's printer service with data. Known as a buffer overflow, or overrun, such exploits are commonly used in scripts designed by system crackers.

The link for this article located at CNET is no longer available.