A worm that affects Linux systems and spreads by exploiting web server-related vulnerabilities has been reported by antivirus companies, but so far Linux. Plupii, which is also known as Lupper, hasn’t spread much and isn’t seen as much of a threat.
The worm spreads by exploiting web servers hosting vulnerable PHP/CGI programming language scripts, according to antivirus software vendor McAfee. The worm is a derivative of the Linux/Slapper and BSD/Scalper worms from which it has taken its propagation strategy, McAfee says. It attacks web servers by sending malicious HTTP requests on port 80, McAfee says.
Symantec rates the worm as having a medium damage and distribution threat, while McAfee assessed it as a low threat for both corporate and home users.