SARA Malware that exploits the vmsplice bug in the Linux kernel. Affects kernel versions 2.6.17 through 2.6.24.1. Successful exploitation allows the disabling of INPUT rules on the firewall, opens TCP port 1407 for execution of remote commands, and more.