|
Description:
To propagate, this worm uses common user names and passwords to gain access into found systems. When the logon attempt is successful, this worm then copies and executes itself on the machine.
takes advantage of the following Windows vulnerabilities:
- Remote Procedure Call (RPC) Distributed Component Object Model (DCOM) vulnerability
- IIS5/WEBDAV Buffer Overflow vulnerability
For more information about these Windows vulnerabilities, please refer to the following Microsoft Web pages:
This worm has backdoor capabilities. It executes commands sent in via Internet Relay Chat (IRC) and can be used to launch a Denial of Service (DoS) attack against specified target sites.
It terminates certain antivirus processes and files steals the CD keys of popular game applications.
It runs on Windows NT, 2000 and XP.
For additional information about this threat, see:
Solution
Technical Details
Description created: May. 22, 2004 7:14:30 AM GMT -0800
Description updated: May. 24, 2004 7:41:18 AM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
