(Courriels de diversion: <fourreurs@retardions-epaula.com> <violentees@combinais-reinvesti.com> <amadouerait@depeigne-rodailler.com> <agrement@crachez-inexpliques.com> <versees@recensera-pavanerait.com> <peuplerions@entęterais-ballets.com> <constants@gronderais-appręterai.com> <bricole@craindrions-suffocations.com> <bifurquerez@calligraphiant-persevererions.com> <sertissiez@bloqueront-edifierez.com> )
pour info.. ---------- Message transmis ---------- Subject: Re: [suse-security] Info: New Worm (was: WEB IIS cmd exe requests) Date: Tue, 18 Sep 2001 17:45:44 +0200 From: Sven Michels <smichels@intradat.com>To: suse-security@suse.com replying to myself: On September 18th, 2001 a new worm has been spreading globally. Nimda is a mass mailing worm that spreads itself in attachments named "readme.exe". Further the worm contains abilitity to scan and spread via Internet Information Server (IIS). To do that, the worm uses either a backdoor created by Sadmind and CodeRed worms, or IIS unicode vulnerability. Source: f-secure.com -- intraDAT AG http://www.intradat.com Wilhelm-Leuschner-Strasse 7 Tel: +49 69-25629-0 D - 60329 Frankfurt am Main Fax: +49 69-25629-256 -- To unsubscribe, e-mail: suse-security-unsubscribe@suse.comFor additional commands, e-mail: suse-security-help@suse.com ------------------------------------------------------- -- <http://www.dodin.net> <mailto:jdanield@dodin.net>WHO'S THAT GUY ? Help me found it Russia & South america help needed http://www.dodin.net/serge/index.html --------------------------------------------------------------------- Aide sur la liste: <URL:mailto:linux-31-help@CULTe.org>Le CULTe sur le web: <URL:http://www.CULTe.org/>