There are few reports of an attack by a new Linux worm called Lupper which exploits a well known PHP XMLRPC implementation vulnerability.�U���ɂ́A�����‚��̕񍐏��ł́A�V����linux lupper�����p���郏�[���ƌĂ΂��PHP XMLRPC�̎����̐Ǝ㐫�ł悭�m���Ă��܂��B

PHP XMLRPC implementation is used in a large number of popular web applications such as PostNuke, Drupal, b2evolution, Xoops, PHPGroupWare, TikiWiki etc. PHP XMLRPC�̎����Ŏg�p����A�����̐l�C��Web�A�v���P�[�V�����Ȃǂ̃J�e�S���[�A��Drupal �A b2evolution���A XOOPS �A��phpGroupWare �A���B TikiWiki

Most of these packages have updated to provide a patch for the XMLRPC for PHP vulnerability.�����̃p�b�P�[�W�́A�X�V�ς݂̑啔����񋟂���xmlrpc�̂́A PHP�̐Ǝ㐫�̏C���v���O�����ł��B

If you are still running an old version, you should get it updated immediately.�܂����s����Ă���ꍇ�́A�Â��o�[�W�����́A������擾����ׂ����������ɍX�V���܂��B

WordPress 1.5 or higher is WordPress 1.5�̂܂��͂���ȏ�� safe���S�� from this worm.���̃��[������ł��B Since the release of version 1.5, WordPress has used a completely different XML-RPC library, called IXR.�o�[�W����1.5�̃����[�X�ȍ~�ɁA�����g���A���S�ɕʂ�XML - RPC���C�u�����ƌĂ΂��ixr�ł��B

From the submitted logs, it attempts to wget a remote access Trojan from one system and using the Trojan to try to connect to another site via port 8080.���O����̒�o�́A�����[�g�A�N�Z�X���悤�Ƃ���g���C�̖ؔn����wget��1�‚̃V�X�e�����g�p���āA�g���C�̖ؔn�ւ̐ڑ������݂�|�[�g8080��ʂ̃T�C�g�Ɍo�R���܂��B

The risk factor is low so far.����܂ł̂Ƃ���A�댯���q���Ⴂ�ł��B It is however interesting as it is the first known case of exploitation of the vulnerability as a worm.����������͋����[�����̂ł����A�ŏ��̊�m�̐Ǝ㐫�̗��p���Ƃ��ă��[���ł��B

Link�����N