The Trojan.Linux.JBellz Trojan horse arrives as a malformed .mp3 file. When the .mp3 file is played with a specific version of the mpg123 player under Linux, the code of the Trojan horse is executed; thereby, deleting all the files in the home directory of the current user.
Symantec antivirus products detect the tool used to create the malformed .mp3 files, which contain Trojan.Linux.JBellz, as Trojan.Linux.JBellz.dr.
Additional information about the vulnerability described in this writeup can be found in the message that was posted to the SecurityFocus Bugtraq forum, at:http://online.securityfocus.com/archive/1/306476.
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.