[ale] Trojan mpg123 alert

James P. Kinney III jkinney at localnetsolutions.com
Wed Jan 15 17:12:00 EST 2003


I really don't like seeing stuff like this for ANY operating system
platform. I especially hate seeing it for Linux systems.

http://www.theage.com.au/articles/2003/01/15/1042520656903.html

<cut-n-paste>

Linux trojan starts circulating
January 15 2003



An exploit for the Linux mpg123 mp3 player has started circulating,
following the release of the code for the same by the Gobbles security
group.

Anti-virus software maker Symantec has christened it as
Trojan.Linux.JBellz.

The trojan arrives as a malformed .mp3 file and when played with a
specific version of the mpg123 player, the code is executed. All the
files in the home directory of the current user are deleted, recursing
into subdirectories. 

Symantec said version pre0.59s of the mpg123 player had been verified to
be vulnerable on SuSE Linux 8.0 and Slackware Linux 8.0. 

-- 
James P. Kinney III   \Changing the mobile computing world/
President and CEO      \          one Linux user         /
Local Net Solutions,LLC \           at a time.          /
770-493-8244             \.___________________________./

GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) <jkinney at localnetsolutions.com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 



 This is a digitally signed message part




More information about the Ale mailing list