Vulnerability Development mailing list archives
RE: New "concept" virus/worm?
From: "Tom Brenner" <tom () mics net>
Date: Tue, 18 Sep 2001 14:35:38 -0400
Right. We have it on a 98 machine here. Our Win2K server was protected but it appears our NT server is afflicted. I thought I had the NT machine all up to date, but..... Tom Brenner Director of Operations Midwest Internet Connections & Services, Inc. Phone: (937) 297-6212 Fax: (937) 297-6214 Toll Free Outside Dayton Area: 1-877-get-4fam Visit our home page at: http://www.4fam.net -----Original Message----- From: Dave Salovesh [mailto:salovesh () ramassociates com] Sent: Tuesday, September 18, 2001 1:21 PM To: 'Brett Glass'; Jay D. Dyson; Incidents List Cc: Vuln Dev Subject: RE: New "concept" virus/worm? It infects 98 (I've got it on the one 98 workstation we run) and may have been involved in infecting two of NT4 servers. I also have two UNinfected NT4 servers that are patched to about the same level as the infected ones - not quite completely patched, but I think I've selected all the appropriate ones for the role each server plays. My W2K server is patched up to the minute and didn't get infected. So far... -- Dave Salovesh RAM Associates, Inc. (800) 543-3635
-----Original Message----- From: Brett Glass [mailto:brett () lariat org] Sent: Tuesday, September 18, 2001 12:58 PM To: Jay D. Dyson; Incidents List Cc: Vuln Dev Subject: Re: New "concept" virus/worm? At 10:21 AM 9/18/2001, Jay D. Dyson wrote:It's a two-prong worm. It appears to be primarilydisseminatedvia e-mail, and then launches its attacks on web hosts uponsuccessfulinfection.Newsbytes is calling this worm "Code Rainbow," while some of the antivirus firms seem to be calling it "W32.Nimda.A@mm". Can the e-mail infect anything other than Windows NT/2000? Will it infect a system that's running Windows NT/2000 but not IIS? If a Windows 95/98/ME user opens it, will his or her system begin to spread the worm as well? --Brett Glass -------------------------------------------------------------- -------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
--- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.280 / Virus Database: 147 - Release Date: 9/11/2001 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.280 / Virus Database: 147 - Release Date: 9/11/2001
Current thread:
- New "concept" virus/worm? Joao Gouveia (Sep 18)
- <Possible follow-ups>
- RE: New "concept" virus/worm? Dave Salovesh (Sep 18)
- RE: New "concept" virus/worm? Tom Brenner (Sep 18)
- RE: New "concept" virus/worm? John Thornton (Sep 18)
- RE: New "concept" virus/worm? Peter Mueller (Sep 18)
- Re: New "concept" virus/worm? Mark Kennedy (Sep 18)