Worm exploits Apache vulnerability on FreeBSD

A worm that can compromise systems running the Apache Web server on the FreeBSD operating system is crawling the Internet, but its spread and impact are limited, experts said on Monday.

The worm takes advantage of a known security hole in Apache Web servers by scanning the Internet and installing a backdoor application when it finds a vulnerable Web server. This backdoor allows the attacker to remotely control the system and use it in attacks on other Web servers, according to antivirus software vendor F-Secure Corp. in Helsinki.

The open-source Apache server is the most commonly used Web server software, running on 63 percent of Web sites, according to a survey by Web server analysis firm Netcraft Ltd. of Bath, England.

However, the reach of the worm, dubbed Scalper by F-Secure, is limited because it only affects Apache on the open-source FreeBSD operating system, said Mikko Hypp