|
Description:
This worm takes advantage of the following Windows vulnerabilities to propagate across networks:
- Remote Procedure Call (RPC) Distributed Component Object Model (DCOM) vulnerability
- Buffer Overflow in SQL Server 2000 vulnerability
- IIS5/WEBDAV buffer overrun vulnerability
- LSASS vulnerability
For more information about these vulnerabilities, please refer to the following Microsoft pages:
It spreads via network shares using NetBEUI functions to get available lists of user names and passwords. It then drops a copy of itself on accessed shared folders.
It has backdoor capabilities, and may execute remote commands coming from a malicious user. It also performs a denial of service (DoS) attack against random IP addresses and steals CD keys of certain game applications.
This worm runs on Windows 95, 98, ME, NT, 2000, and XP.
For additional information about this threat, see:
Solution
Technical Details
Description created: Sep. 8, 2004 4:29:47 PM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
