mark :: blog :: fudcon
At FudCon I talked about the lack of any recent Linux worms, the last being a couple of years ago - but as of this weekend I've a new Linux worm to talk about, Lupii. This Linux worm was detected around the 5th November 2005 and is designed to exploit a flaw CVE-2005-1921 in the PHP PEAR XML-RPC Server package through a number of third party PHP scripts.
Red Hat released updates to PHP to correct this vulnerability for Red Hat Enterprise Linux 3 and 4 in July 2005. Red Hat Enterprise Linux 2.1 was not affected by this vulnerability. Fedora Core 4 and Fedora Core 3 also got updates in July.
Our analysis showed that the default SELinux targeted policy on Enterprise Linux 4 would have blocked the specific instances of this worm seen so far, but is not sufficient to block a worm written differently from exploiting this vulnerability if left unpatched. Time to make sure all your servers are up2date!
Hot isn't enough of a descriptive word for Karslruhe this week; 34C with no aircon on the show floor or hotel. I'd planned on taking a few hours out to go geocaching but so far don't fancy waking the mile round trip. Instead I managed a couple of webcam caches yesterday and I'm waiting for the weather to break. Did a couple of talks today (for partners) but the big FudCon talk is tommorrow morning, which should be more fun. Got to play with a Nokia 770 (shame it doesn't have a nice desktop stand charger), and find out some more about Xen. Time to go find some more nice Eis.
Off to Germany tommorrow for LinuxTag, FudCON2 and a few presentations. Unfortunately I get the first talk on Friday morning, just after the social event on Thursday night. Or it could be fortunately - this means that I could possibly get away with lower quality slides if the event goes well and everyone drinks lots. As some light relief today I found some gummi worms to photograph for my "Linux Worms" slide and some cute playmobil penguins. I'm looking forward to some real Haribo made in Germany, rather than the inferior "made in UK" versions I bought in Macro. I'm also looking forward to visiting Deutsche Bundesbank to exchange all my DM cash into Euros!
I've been generating some more useful Fedora stats over the last few days, but I'm going to save them until FudCon next week so I've something new to talk about. I've also been adding some bookmarks to my phone so I can grab a few webcam geocaches in Karlsuhe and Frankfurt. Meanwhile the rest of the security team has been busy pushing out a lot of older 'moderate' and 'low' rated serverities whilst there isn't many 'important' rated issues in the queue.
Hi! I'm Mark Cox. This blog gives my
thoughts and opinions on my security
work, open source, fedora, home automation,
and other topics.
pics from my twitter:
red hat summit,