Virus wake-up call to Redhat users


Virus wake-up call to Redhat users

IT managers who failed to fix known vulnerabilities in Redhat Linux should act fast following the discovery of a new virus, which attacks the popular Internet domain naming software, Bind.

Will Garside

According to education and research organisation The Sans Institute, the Lion virus only exploits problems with Redhat Linux versions 5.x, 6.x and 7 running ISC Bind.

The worm virus is transmitted within an application called "Rand" and inserts a hacking tool kit called "t0rn". This allows external hackers to secretly log into an infected system, steal passwords and cause data damage.

Redhat made available in January a free patch to fix the vulnerability but believes that up to 20% of its eight million vulnerable users have failed to install these fixes.

Andre Post, senior researcher at Symantec Anti-Virus Research Center said, "Although we have a patch for this worm, it is not currently in the wild and we have had no reports from our users." Symantec has treated this virus as low risk.

Post added that he believed the virus would affect few Bind servers although users who have failed to update older Redhat versions should do so immediately.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

This was first published in March 2001


COMMENTS powered by Disqus  //  Commenting policy