Bots Attack Mambo

A new bot is spreading in the wild, with attackers looking to compromise vulnerable installations of the popular Mambo open-source content management system.

A recent analysis by SecurityFocus confirms that a vulnerability first published on November 16th has resulted in numerous websites being defaced. Now, a bot has been released that compromises the web server and provides additional functionality for an attacker. Reports claim that the bot allows for arbitary code execution, DoS attacks (via TCP, UDP and HTTP floods), port scanning capabilities, and the ability to discover other vulnerable hosts through Google searches. Bots doing the mambo

Linked by shanmuga Tuesday, 6th December 2005 9:12PM