|
Description:
This memory-resident worm takes advantage of the following Windows vulnerabilities:
- IIS5/WEBDAV Buffer Overflow vulnerability Remote Procedure Call
- (RPC) Distributed Component Object Model (DCOM) vulnerability
- RPC Locator vulnerability
For more information about these Windows vulnerabilities, please refer to the following Microsoft Web pages:
It attempts to log on to systems using a list of weak usernames and passwords. Once logged on, it propagates by dropping a copy of itself.
It has backdoor capabilities. It connects to Internet Relay Chat (IRC) and listens for commands that come from a remote malicious user. It also attempts to launch a denial of service (DoS) attack against target machines. Furthermore, it steals CD keys of popular game applications.
It runs on Windows 95, 98, ME, NT, 2000, and XP.
For additional information about this threat, see:
Solution
Description created: Aug. 12, 2004 6:08:20 PM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
