Real Reality
Joined: 10 Jan 2003 Location: Seoul
|
Posted: Mon Dec 27, 2004 7:43 pm Post subject: Santy Worm Spreads |
|
|
Santy.C and Santy.E behave so differently from Santy.A that the K-OTik is renaming the worm PhpInclude.Worm in its advisories, the company says. The worm doesn't exploit the vulnerabilities in phpBB targeted by its predecessor, instead aiming for a wider range of common programming errors in PHP Web pages.
It uses search engines including Google, Yahoo, and AOL to identify exploitable Web pages written in PHP which use the functions "include()" and "require()" in an insecure manner, K-OTik says.
http://story.news.yahoo.com/news?tmpl=story&cid=1093&e=3&u=/pcworld/119051 |
|