Discovered: April 4, 2001
Updated: August 21, 2008 10:32:12 AM
Type: Worm
Systems Affected: Linux
Linux.Adore.Worm is a worm that spreads by targeting vulnerabilities commonly found on default installations of Linux. Using these vulnerabilities, the worm gains root access to the system, downloads and executes itself, and then searches for new systems to infect.
Note: The Linux rootkit known as Adore is unrelated to this worm.
Protection
-
Initial Rapid Release version April 5, 2001
-
Latest Rapid Release version pending
-
Initial Daily Certified version April 5, 2001
-
Latest Daily Certified version pending
-
Initial Weekly Certified release date April 11, 2001
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Medium
-
Number of Infections: 50 - 999
-
Number of Sites: 10+
-
Geographical Distribution: Medium
-
Threat Containment: Moderate
-
Removal: Moderate
Damage
-
Damage Level: Medium
-
Modifies Files: Replaces ps and klogd
-
Releases Confidential Info: Emails system information to anonymous addresses
-
Compromises Security Settings: Creates a root shell backdoor
Distribution
-
Distribution Level: Medium
-
Target of Infection: Linux systems with vulnerable wuftpd, bind, lprng, or statd
Writeup By: Eric Chien
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine
