Security Incidents mailing list archives
Code Red II inspired by both Code Red and sadmind/IIS
From: Denis Normand <normand () interlink net>
Date: Wed, 08 Aug 2001 22:25:40 -0400
I just came back from vacation and was catching up on various things, among which Code Red II. On July 2, I posted a message on this list about a side effect of sadmind/IIS where, under some configuration, root.exe was left behind in the /MSADC/ virtual folder. From the uniattack.pl script of sadmind/IIS, this side effect seems unintentionnal. I was very surprised to see that what was a side effect in sadmind/IIS is actually one of the core purpose of CR2! This leads me to think that the author of Code Red II was not only inspired by Code Red, but by sadmind/IIS as well. Also, the first side effect I mentioned in the previous post, is even more effective with Code Red I and II. Denis Normand normand () interlink net ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Code Red II inspired by both Code Red and sadmind/IIS Denis Normand (Aug 09)
- Re: Code Red II inspired by both Code Red and sadmind/IIS Nick FitzGerald (Aug 10)