[ale] Trojan mpg123 alert
Dow Hurst
dhurst at kennesaw.edu
Wed Jan 15 19:30:13 EST 2003
This is a good reason to follow Bob Toxen's philosophy of working with
untrusted files as a separate user. You have the power under Linux to
protect yourself!
Bob recommends web browsing as a separate user. Especially if you are
using plugins, java, or javascript enabled. I think ssh'ing to your
machine as the untrusted user to run the apps would work okay. Or, for
the dual screen people, instead of running Xinerama, use two separate
Xservers and log in as separate users.
Dow
James P. Kinney III wrote:
>I really don't like seeing stuff like this for ANY operating system
>platform. I especially hate seeing it for Linux systems.
>
>http://www.theage.com.au/articles/2003/01/15/1042520656903.html
>
><cut-n-paste>
>
>Linux trojan starts circulating
>January 15 2003
>
>
>
>An exploit for the Linux mpg123 mp3 player has started circulating,
>following the release of the code for the same by the Gobbles security
>group.
>
>Anti-virus software maker Symantec has christened it as
>Trojan.Linux.JBellz.
>
>The trojan arrives as a malformed .mp3 file and when played with a
>specific version of the mpg123 player, the code is executed. All the
>files in the home directory of the current user are deleted, recursing
>into subdirectories.
>
>Symantec said version pre0.59s of the mpg123 player had been verified to
>be vulnerable on SuSE Linux 8.0 and Slackware Linux 8.0.
>
>
>
--
__________________________________________________________
Dow Hurst Office: 770-499-3428
Systems Support Specialist Fax: 770-423-6744
1000 Chastain Rd., Bldg. 12
Chemistry Department SC428 Email:dhurst at kennesaw.edu
Kennesaw State University Dow.Hurst at mindspring.com
Kennesaw, GA 30144
*********************************
*Computational Chemistry is fun!*
*********************************
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list