The last I heard, it spreads using rsh to any hosts that you might have
in /etc/hosts.equiv
If you don't have any in there, it will not move beyond your system.
In article <Pine.LNX.3.95.970207163454.30888B-100000@gatekeeper.burgessinc.com>,
Nathan Bryant <nathan@burgessinc.com> writes:
> On Fri, 7 Feb 1997 tyson@rwii.com wrote:
>
>> On 7 Feb, Ingo Molnar wrote:
>> >
>> > On Fri, 7 Feb 1997, Chris Y. wrote:
>> >
>> > > Just picked this off of one my my mailing lists... you should check it
>> > > out.
>> >
>> > > Its target is users who play games such as doom over the Internet with
>> > ^^^^
>> > > root access.
>> > ^^^^^^^^^^^^
>> > this says it all .... :)
>>
>> Doesn't doom give up root access once it has io perms to the video
>> hardware, etc.? I would think this would only be a problem if run by
>> root which is just simply a stupid thing to do. Isn't this a case of
>> those that are causual about security get what they deserve?
>
> I don't agree. Doom has a known bug which allows any user on your system
> to get root if doom is installed setuid root. Every Linux distribution
> I've ever used installs Doom setuid root, and RedHat has only recently
> released a patch to correct this. (The patch doesn't fix doom, just
> removes the setuid bit.)
>
>>
>> If I am correct, then McAfee should be clearer about the threat because
>> their web page doesn't help Linux at all by suggesting that it is the
>> first Unix that is suseptable to a virus and pointing out that all the
>> Windoze OSes are not vulnerable to it.
>
> I do agree that McAfee could be clearer about the threat. Their press
> release leaves some important questions unanswered, such as how the Bliss
> virus enters the system in the first placce. Is some FTP site distributing
> infected copies of Doom?
>
>>
>> Ty
>>
>> --
>> Tyson D Sawyer <tyson@rwii.com> RWI, Inc. has been supplying leading edge
>> Senior Systems Engineer mobile robotics technology since 1983
>> Real World Interface, Inc. http://www.rwii.com/
>>
>
> +-----------------------+---------------------------------------+
>| Nathan Bryant | Unsolicited commercial e-mail WILL be |
>| nathan@burgessinc.com | charged an $80/hr proofreading fee. |
> +-----------------------+---------------------------------------+
>
-- George Bonser grep@oriole.sbay.org, grep@cris.com