Vulnerability Development mailing list archives

RE: worm atacking NTs vulnerables detected by NA 2K??

From: Reverend Lola <reverend_lola () yahoo com>
Date: Mon, 6 Aug 2001 11:41:49 -0700 (PDT)

Hi, 


----->%-----snip----->%-----


The message that appeared in the hacked site is down

here, and what

was very weirdow was that Norton Antivirus 2000

detected that html

file as a virus. Norton detects hacked web pages?

The message in teh hacked sites said:

fuck USA Government

fuck PoizonBOx

contact:sysadmcn () yahoo com cn

----->%-----snip----->%-----

This is the sadmind/IIS worm.  It infects Solaris
boxes through an old vulnerability, and then uses them
to deface IIS machines.  

Take a look at CERT advisory CA-2001-11,
http://www.cert.org/advisories/CA-2001-11.html.  


Hope this helps, 

Reverend Lola
The Titanium Sheep
Provider of Steel Wool


__________________________________________________
Do You Yahoo!?
Make international calls for as low as $.04/minute with Yahoo! Messenger
http://phonecard.yahoo.com/

Current thread:

worm atacking NTs vulnerables detected by NA 2K?? Hackemate . com . ar (Aug 03)
- <Possible follow-ups>
- RE: worm atacking NTs vulnerables detected by NA 2K?? Reverend Lola (Aug 06)