Virus wake-up call to Redhat users


Virus wake-up call to Redhat users

IT managers who failed to fix known vulnerabilities in Redhat Linux should act fast following the discovery of a new virus, which attacks the popular Internet domain naming software, Bind.

Will Garside

According to education and research organisation The Sans Institute, the Lion virus only exploits problems with Redhat Linux versions 5.x, 6.x and 7 running ISC Bind.

The worm virus is transmitted within an application called "Rand" and inserts a hacking tool kit called "t0rn". This allows external hackers to secretly log into an infected system, steal passwords and cause data damage.

Redhat made available in January a free patch to fix the vulnerability but believes that up to 20% of its eight million vulnerable users have failed to install these fixes.

Andre Post, senior researcher at Symantec Anti-Virus Research Center said, "Although we have a patch for this worm, it is not currently in the wild and we have had no reports from our users." Symantec has treated this virus as low risk.

Post added that he believed the virus would affect few Bind servers although users who have failed to update older Redhat versions should do so immediately.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

This was first published in March 2001


COMMENTS powered by Disqus  //  Commenting policy