JBoss Worm Exploiting Old Bug to Infect Unpatched Servers | threatpost

Worm uses bug in jmx-console to execute shell code, then it installs perl-based control daemon that connects to IRS, and tries to discover other JBoss'es near by by using jgroups UDP multicast. Here is more details, including the source code http://pastebin.com/U7fPMxet

Comments are closed.

permalink