Mare.D attacks the Mambo content management system
F-Secure is warning about 'network worm' Mare.D targets vulnerabilities in Content Management System (CMS) Mambo and XML-RPC PHP library (this is The code library for PHP programmers allows procedures to run between multiple computers with different operating systems.
Interface of Mambo CMS system
F-Secure said the Mare.D worm installed some backdoor ports on the infected system (and would harm it if the system ran Mambo open source CMS or XML-RPC PHP library).
Two of these back ports are of the ' connectback shell backdoor ' type, named " cb " and " ping.txt ". These two back ports connect to the remote computer via port 8080. The third back port is written in Perl language and controlled by IRC (Internet Relay Chat). The main component of the listening worm of commands at port 27015 of UDP (User Datagram Protocol) protocol.
Secunia said, this vulnerability affects PHP XML-RPC version 1.1 and earlier versions. The company advises users to upgrade the PHP XML-RPC library to version 1.1.1.
On his website, Mambo said he had released fixes for versions 4.5.3 and 4.5.3h. Users can download these fixes from http://www.mamboserver.com/. Mambo also recommends that users upgrade their software if they have previous versions of 4.5.3.
A consultant from Sophos said, they still haven't seen any customers complaining about the Mare.D worm.
- The scary 'dark corner' is less known on Facebook
- Oracle is about to launch content management products
- AACS patch technology protects DVD content
- Exam TTVN 2005: Smart enterprise management solution
- Oracle announces the new generation Content Management Strategy
- Establish a disaster management system in Asia
- Mobile virus: danger of being inflated?
- Is your DNS server domain system misconfigured?
- Hackers claim to break the HD-DVD and Blue-ray protection mechanisms
- Hackers turn to attack
- Vista: block Rootkit attacks on the operating system core
- The reason should eat beans regularly