Full Disclosure mailing list archives
Re: Super Worm
From: "Willem Koenings" <isec () europe com>
Date: Sun, 18 Apr 2004 09:33:03 -0500
What it says is: "Possible combined exploits of MS vulnerabilities" "It has been a very quiet day, but we are hearing rumors of possible 'super' exploits that may target several of the vulnerabilities announced by Microsoft on Tuesday. We've been contacted by an individual who have have been infected such an exploit, but investigation of this is still underway." I'm not sure that "possible 'super' exploits" - plural - translates literally into "super worm" - singular.
'possible super exploits' and 'super worms' are terms that press would love. but staying in reality - even now out there is worms that are capable exploiting several vulnerabilities at the same time: W32.HLLW.Gaobot.AZ The worm uses multiple vulnerabilities to spread, including: The DCOM RPC vulnerability (described in Microsoft Security Bulletin MS03-026) using TCP port 135 The RPC locator vulnerability (described in Microsoft Security Bulletin MS03-001) using TCP port 445 The WebDav vulnerability (described in Microsoft Security Bulletin MS03-007) using TCP port 80 http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.gaobot.az.html no doubt, future worms are more and more capable exploiting several vulnerabilities at the same time. Willem -- ___________________________________________________________ Sign-up for Ads Free at Mail.com http://promo.mail.com/adsfreejump.htm _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Super Worm, (continued)
- Re: Super Worm John Sage (Apr 17)
- Re: Super Worm bipin gautam (Apr 18)
- Re: Super Worm William Warren (Apr 18)
- Re: Super Worm bruno_fob (Apr 18)
- RE: Super Worm Sean Crawford (Apr 18)
- Re: Super Worm Niek Baakman (Apr 18)
- Re: Super Worm bipin gautam (Apr 18)
- Re: Super Worm John Sage (Apr 17)
- Re: Super Worm Sven Fischer (Apr 19)
- Re: Super Worm Richard Maudsley (Apr 19)
- Re: Super Worm Valdis . Kletnieks (Apr 19)
- Re: Super Worm Richard Maudsley (Apr 19)
- Re: Super Worm Willem Koenings (Apr 18)
- Re: Super Worm Willem Koenings (Apr 18)
- Re: Super Worm Valdis . Kletnieks (Apr 19)
- Re: [FD] Super Worm Andrew J Caines (Apr 19)
- Re: [FD] Super Worm Andrew J Caines (Apr 19)
- Re: Re: [FD] Super Worm Valdis . Kletnieks (Apr 19)
- Re: Re: [FD] Super Worm Gregory A. Gilliss (Apr 19)
- Re: Re: [FD] Super Worm Dave Horsfall (Apr 19)
- Re: Re: [FD] Super Worm Bruce Ediger (Apr 20)
- Re: Re: [FD] Super Worm Dave Horsfall (Apr 20)
- Re: Super Worm Valdis . Kletnieks (Apr 19)
- Re: .hash= Joris De Donder (Apr 21)