vnunet: Linux Worm Turns on Mambo and PHP Feb 20, 2006, 20 :00 UTC (22 Talkback[s]) (6956 reads) (Other stories by Iain Thomson)
"Security experts today warned of a Linux network worm that exploits holes in the Mambo content management system and the PHP XML-RPC library.
"Dubbed Mare.D, the worm leaves multiple backdoors on infected systems. Two of these are connectback shell backdoors that link to a remote host, while a third allows the malware's writer to access and control infected systems via IRC..."