VNU Net: Linux security hole discovered

Written By
Web Webster
Apr 27, 2000

By John Geralds, VNU Net

A team of internet security researchers say they have found a
serious security hole in a popular Linux web server that could
allow an attacker to compromise and destroy a website.

According to the Internet Security Systems X-Force team, there
is a backdoor in Red Hat’s Linux that would let a computer intruder
access and alter files on some computers running the company’s most
recent version of Linux.

The discovery could not come at a worse time for Red Hat, which
has been attempting to persuade customers that its Linux is a good
foundation for corporate operations.

Piranha is a package distributed by Red Hat that contains Linux
Virtual Server software, a web-based graphical user interface and
monitoring and fail-over components. A backdoor password exists in
the interface portion, Version 0.4.12 of Piranha-GUI, that may
allow remote attackers to execute commands on the server.

If an affected version of Piranha is installed and the default
backdoor password remains unchanged, any remote or local user may
log in to the web interface. From there, parameters can be changed
and arbitrary commands can be executed with the same privilege as
that of the web server.

Only Red Hat users who have installed the Piranha component are
vulnerable. Piranha is installed only if a Red Hat user
specifically selects clustering functions when installing the
software or if a user chooses ‘install all’.
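
The following added example, which is not from the article, ISS or Red Hat, flags hosts in a collected RPM inventory that carry Piranha-GUI 0.4.12. The RPM package name `piranha-gui`, the input format, and the host names and release numbers in the sample are assumptions constructed for illustration; a match means the package is present, not that the default password is still set.

```shell
#!/bin/sh
# Added example: flag hosts whose RPM inventory lists Piranha-GUI 0.4.12.
# Input on stdin: "<host> <name>-<version>-<release>", one package per line,
# e.g. gathered with `rpm -qa` on each host.
AFFECTED_NAME="piranha-gui"     # assumed RPM name for "Piranha-GUI"
AFFECTED_VERSION="0.4.12"       # version named in the article

# Split name-version-release from the right, because the package name
# itself contains a dash. Prints "<name> <version>"; fails on malformed input.
split_nvr() {
    nvr=$1
    rest=${nvr%-*}                          # drop "-<release>"
    [ "$rest" = "$nvr" ] && return 1        # no dash at all
    version=${rest##*-}
    name=${rest%-*}
    [ "$name" = "$rest" ] && return 1       # no version field
    printf '%s %s\n' "$name" "$version"
}

# Print each host that has the affected GUI package at the affected version.
# The plain "piranha" package is not flagged: the article places the
# backdoor password in the interface portion only.
flag_piranha() {
    while read -r host nvr; do
        [ -n "$nvr" ] || continue
        parsed=$(split_nvr "$nvr") || continue
        name=${parsed% *}
        version=${parsed#* }
        if [ "$name" = "$AFFECTED_NAME" ] && [ "$version" = "$AFFECTED_VERSION" ]; then
            printf '%s\n' "$host"
        fi
    done
}

# Constructed sample inventory (host names and release numbers are made up).
sample_inventory() {
    cat <<'EOF'
web01 piranha-gui-0.4.12-1
web01 apache-1.3.12-2
web02 piranha-0.4.12-1
web03 piranha-gui-0.4.99-1
lb01 piranha-gui-0.4.12-1
EOF
}

sample_inventory | flag_piranha
```
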

The X-Force team discovered the vulnerability and has been
working with Red Hat to create a ‘fix’. The security risk has been
given a five rating on a scale from one to five, where five is the
most severe.

Chris Rouland, director of Internet Security Systems’ research
team, said: “This is a very high risk. It gives people the same
rights as the web server itself.”

Rouland said he does not believe that the backdoor was installed
with malicious intent, but that it is an “engineering mistake”.

Red Hat has provided updated Piranha, Piranha-doc and Piranha
GUI packages and recommends that administrators make sure a new
password is set after installing them.
