Full Disclosure mailing list archives
Re: Worm_RBOT.EI
From: Ron DuFresne <dufresne () winternet com>
Date: Fri, 23 Jul 2004 15:54:44 -0500 (CDT)
see what happens when you leave systems unpatched and with open insecure windows ports to the internet; Description: This worm spreads via network shares, and takes advantage of the following Windows vulnerabilities to propagate across networks: * Remote Procedure Call (RPC) Distributed Component Object Model (DCOM) vulnerability * LSASS Vulnerability Thanks, Ron DuFresne On Fri, 23 Jul 2004, Matt Carlson wrote:
Has anyone else seen any infections of this? So far 13 servers, and 200 workstations here, luckily closed down alot of it before it became too big. http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_RBOT.EI Matt _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Worm_RBOT.EI Matt Carlson (Jul 23)
- Re: Worm_RBOT.EI Ron DuFresne (Jul 23)