Hi I,m not realy sure who to send this too,
I,ve just picked up the new issue of the "new Linux Magazine". and theres an article in there worth reading, as follows,
Page 7 VARUS WARNING
A new Internet worm that targets computers running Red Hat Linux is be described by some virus experts as the first successful attack on the Linux O/S, which is widely considered to be one of the best protected platforms around. To penetrate computers that have Red Hat Linux 6.2 or 7.0 installed, The Ramen worm exploits 3 security breeches loopholes - in.ftpd, rc.statd and PLRng. These were identified and closed by developers last summer. The breaches are from the buffer overflow category and could enable hackers to send an executable code to the remote system and run it without the user's authorisation. The Ramen worm infects a system by sending data to a target computer receives data which then overflows the system's internal buffer. This enables the worm code to gain root privileges. It then initialises the command processor that executes the worm's instructions. Next the worm creates the /usr/srcl.poop folder and launches the "lynx" internet browser. There it downloads theworm's archive RAMEN.TGZ from a remote system. After this, Ramen opens the archive and executes its main file START.SH. The worm changes the contents of INDEX.HTML files found on the system, so that when affected HTML files are run they display the following message.
RameN Crew Hackers looooooOOOOOOOOOOOve noodles.
There is no additional payload.
But i have run out of time to finnish the article. Cheers Kerin