F-Secure Corp., for example, on Saturday issued a Level 2 alert warning of the Slapper Linux worm but on Monday upgraded it to Level 1, its highest level.
The worm likewise has Internet Security Systems at AlertCon3, which warns of "focused attacks" and is second only to AlertCon 4 for "catastrophic threat." The worm -- also known as Linux.Slapper-A, Linux.Slapper-Worm, Apache/mod_ssl Worm and Slapper.source -- targets a previously reported flaw in OpenSSL, an open source version of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols.
Once it infects a server, the worm tries to add that server to a peer-to-peer network, F-Secure's advisory says. That network can then be used to launch a distributed denial of service attack.
By contrast, the most devastating Web worm to date -- Code Red -- infected only about 200 servers in the same timeframe, F-Secure says.
To avoid the worm, organizations can either apply a patch or upgrade to version 0.9.6e of OpenSSL, according to CERT/CC. Its advisory contains patch and upgrade information here.
F-Secure is offering a free, limited version of its F-Secure Anti-Virus for Linux to administrators of infected systems. More information is available at the company's Slapper Web site.