Security Incidents mailing list archives

Re: "Code Red" worm questions


From: "Nathan W. Labadie" <nate () ucomm wayne edu>
Date: Wed, 18 Jul 2001 13:13:57 -0400

It can definitely hit the English version. In the last 12 hours I've
seen 6 machines (running the US English version) that have become
infected with the worm.

On Wednesday 18 July 2001 11:43 am, you wrote:
I've read practically everything about this worm that has been
released. But there are a few questions that I have. First off, I
know the first exploit was written by hsj and it used the offsets for
the Japanese version of IIS. Now in this new worm, has the code been
modified with US (or other) offsets to attack English versions? I
have already had a call regarding a possible "break in attempt." with
very little other information. I would like to be able to tell them either
they are vulnerable to this worm or not. Thank you, w1re



----------------------------------------------------------------------------


This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see:

http://aris.securityfocus.com

-- 
Nathan W. Labadie       | nate () ucomm wayne edu       
Sr. Security Specialist | 313/577.2126
Wayne State University  | 313/577.5626 fax
GPG Key: http://ucomm.wayne.edu/~nate/gpg_key.asc

