Worm Infects Computers With Buffer Overflow Vulnerabilities : MAC-NET Secures IT

MAC-NET

How to

Do more with Firefox^NEW

What is a computer virus?

Alert: Computer Virus Outbreaks

AVG Alternative Update URL

AVG Anti-Virus 7 FE

AVG Anti-Virus 7.5

AVG Email Server Edition

AVG File Server Edition

How to - Avoid Getting Infected

How to - Disabling System Restore

How to - Put Windows in Safe Mode

MAC OS X Anti-Virus

Removal of Trojan

Removing File Locked by OS

Stop the virus Ping-Pong

The real thing !

Viruses: Email-borne

Viruses: On-line Scanners

Home » Virus Protection » What is a computer virus? »

Worm Infects Computers With Buffer Overflow Vulnerabilities

The worm which spreads to computers at random IP addresses that are infected with virus to the following Microsoft buffer overflow vulnerabilities: DCOM RPC, WebDAV, IIS5/WEBDAV and Locator Service.

For further information see Microsoft Security Bulletins MS03-026, MS03-007 and MS03-049.

The worm connects to random IP addresses on port 135 or port 445 and exploits these buffer-overflow vulnerabilities to execute a small amount code on computersthat have not been patched. The buffer overflow code downloads the worm and runs it. The worm allows itself to be downloaded via a random port above port 1024.

Post your comment

Mail this page