Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: New "concept" virus/worm?

From: "Mark Kennedy" <mkennedy () symantec com>
Date: Tue, 18 Sep 2001 12:35:34 -0700

Check out this page for more information:

http://securityresponse.symantec.com/avcenter/venc/data/w32.nimda.a () mm html

Thanx,

Mark




                                                                                                                  
                    Brett Glass                                                                                   
                    <brett@lariat        To:     "Jay D. Dyson" <jdyson () treachery net>, Incidents List            
                    .org>                <incidents () securityfocus com>                                            
                                         cc:     Vuln Dev <vuln-dev () securityfocus com>                            
                    09/18/2001           Subject:     Re: New "concept" virus/worm?                               
                    09:57 AM                                                                                      
                                                                                                                  
                                                                                                                  




At 10:21 AM 9/18/2001, Jay D. Dyson wrote:


       It's a two-prong worm.  It appears to be primarily disseminated
via e-mail, and then launches its attacks on web hosts upon successful
infection.


Newsbytes is calling this worm "Code Rainbow," while some of the antivirus
firms seem to be calling it "W32.Nimda.A@mm".

Can the e-mail infect anything other than Windows NT/2000? Will it infect
a system that's running Windows NT/2000 but not IIS? If a Windows 95/98/ME
user opens it, will his or her system begin to spread the worm as well?

--Brett Glass
Previous By Date Next
Previous By Thread Next

Current thread: