Operating System » MS Windows » Windows - Virus Protection » What is a computer virus? » Worm Infects Computers With Buffer Overflow Vulnerabilities

Worm Infects Computers With Buffer Overflow Vulnerabilities


The worm which spreads to computers at random IP addresses that are infected with virus to the following Microsoft buffer overflow vulnerabilities: DCOM RPC, WebDAV, IIS5/WEBDAV and Locator Service.


For further information see Microsoft Security Bulletins MS03-026, MS03-007 and MS03-049.


The worm connects to random IP addresses on port 135 or port 445 and exploits these buffer-overflow vulnerabilities to execute a small amount code on computersthat have not been patched. The buffer overflow code downloads the worm and runs it. The worm allows itself to be downloaded via a random port above port 1024.


 


 

Updated On: 04.05.08

Leave your message, comment or feedback:
Your Name (shown) & Your E-mail (hidden) is used only to alert you when someone reply your message.