Discovered: June 28, 2002
Updated: February 13, 2007 11:39:24 AM
Also Known As: ELF_SCALPER.A, BSD/Scalper.worm
Type: Worm
This worm uses the Apache HTTP Server chunk encoding stack overflow vulnerability to spread itself. Currently it has only been confirmed that this worm works on the FreeBSD platform. FreeBSD is an advanced operating system for Intel ia32 compatible, DEC Alpha, and PC-98 architectures. It is derived from BSD UNIX, the version of UNIX developed at the University of California, Berkeley. It is developed and maintained by a large team of individuals.
This worm has received some media coverage but we believe it is currently not prevalent in the wild. So far, we have not received any customer reports of this worm. For information regarding the vulnerability, please click
here.
Protection
-
Initial Rapid Release version June 28, 2002
-
Latest Rapid Release version March 3, 2008 revision 035
-
Initial Daily Certified version June 28, 2002
-
Latest Daily Certified version March 3, 2008 revision 037
-
Initial Weekly Certified release date July 3, 2002
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Low
-
Number of Infections: 0 - 49
-
Number of Sites: 3 - 9
-
Geographical Distribution: Medium
-
Threat Containment: Easy
-
Removal: Easy
Damage
Distribution
Writeup By: Peter Szor
