WORM_RBOT.CW
Overview

Malware type: Worm

Aliases: Backdoor.Win32.Rbot.bfs (Kaspersky), W32/Sdbot.worm.gen.z (McAfee), W32.IRCBot (Symantec), Worm/Rbot.86256 (Avira), W32/Rbot-FJB (Sophos)

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 95, 98, NT, ME, 2000, XP

Encrypted: No

Overall risk rating:


Reported infections:

Damage potential: High

Distribution potential: High

Description: 

This worm spreads via network shares, and takes advantage of the following Windows vulnerabilities to propagate across networks:

  • Remote Procedure Call (RPC) Distributed Component Object Model (DCOM) vulnerability
  • RPC Locator vulnerability
  • IIS5/WEBDAV buffer overrun vulnerability
  • LSASS vulnerability

For more information about these Windows vulnerabilities, please refer to the following Microsoft Web pages:

It attempts to log into systems using a list of passwords hardcoded in its body. It then drops a copy of itself on the machines it accesses.

It also steals CD keys of certain game applications. In addition, it has backdoor capabilities and may execute commands issued by a remote user.

This worm runs on Windows 95, 98, ME, NT, 2000 and XP.

For additional information about this threat, see:
Solution
Technical Details

Description created: Jul. 11, 2004 11:11:54 PM GMT -0800
