[Gllug] New Code Red
Gordon Joly
gordon.joly at pobox.com
Mon Aug 6 15:33:40 UTC 2001
At 9:08 +0100 2001-08-05, John Hearns wrote:
>I think we did the Code Red thing to death.
>
>However, I think it is worth passing on that Securityfocus are reporting
>a new worm,
>based on the Code Red exploit. This one has a malicious payload,
>so if anyone knows clients or colleagues with IIS servers, make sure
>they
>are patched!
Stuff at http://www.incidents.org/react/code_redII.php
Note: According to eEye, the worm code
will be successfully
executed only on a Win2000 system running
a vulnerable IIS
server, WinNT-based IIS servers will
simply crash when
attempting to execute the worm code. Our
experiments and
reports received from users confirm this finding.
--
Gordon Joly//////////
gordon.joly at pobox.com
http://pobox.com/~or/
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list