Security news1 March 2007
Solaris worm blasts its way through telnet flaw Companies urged to patch to protect against Froot worm
Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned of an internet worm that is exploting a recently announced vulnerability on Sun Solaris servers.
The Unix/Froot-A worm (also known as Wanuk) exploits a vulnerability in both x86 and SPARC versions of version 10 of Sun's operating system, attempting to open a backdoor which could allow hackers to gain remote access to computers.
Under certain conditions the Froot worm can send system broadcast messages via the 'wall' command. These can take a variety of forms, including ASCII art and the phrase:
One of the ASCII art messages that can be broadcast displays an offensive message:
Another shows a picture of a talking turkey:
"Most attacks today are targeted at computers running Microsoft Windows, but that doesn't mean that businesses running UNIX and other operating systems don't need to take security seriously," said Graham Cluley, senior technology consultant at Sophos. "This worm takes advantage of a security hole in Solaris's telnet service that was first disclosed last month. Vulnerable businesses would be wise to install the vulnerability fix from Sun, and consider disabling telnet."
- Find out more about the flaw and how to protect against it on Sun's website
- Information about the vulnerability from US-CERT
"Although all new malware attacks are serious, it doesn't seem like that Sun Solaris threats will eclipse the virus problem on Windows anytime soon," continued Cluley. "The correct response is not to panic, but to take sensible action to ensure defenses are in place, software is patched whenever a new vulnerability is announced."
Sophos recommends companies automatically update their corporate virus protection, and run a consolidated solution to defend against viruses, spyware and spam.
Free virus scan
- Free virus, spyware, and adware scan
- Test your existing anti-virus protection
- Find threats your anti-virus missed
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.
