According to education and research organisation The Sans Institute, the Lion virus only exploits problems with Redhat Linux versions 5.x, 6.x and 7 running ISC Bind.
The worm virus is transmitted within an application called "Rand" and inserts a hacking tool kit called "t0rn". This allows external hackers to secretly log into an infected system, steal passwords and cause data damage.
Redhat made available in January a free patch to fix the vulnerability but believes that up to 20% of its eight million vulnerable users have failed to install these fixes.
Andre Post, senior researcher at Symantec Anti-Virus Research Center said, "Although we have a patch for this worm, it is not currently in the wild and we have had no reports from our users." Symantec has treated this virus as low risk.
Post added that he believed the virus would affect few Bind servers although users who have failed to update older Redhat versions should do so immediately.
This was first published in March 2001