You are here: silicon.com > Resources > White Papers

White Papers

CERT® Advisory CA-2001-26 Nimda Worm

Overview Original release date: September 18, 2001
Revised: September 25, 2001

The CERT/CC has received reports of new malicious code known as the W32/Nimda worm or the Concept Virus (CV) v.5. This new worm appears to spread by multiple mechanisms:

- from client to client via email - from client to client via open network shares
- from web server to client via browsing of compromised web sites
- from client to web server via active scanning for and exploitation of various Microsoft IIS 4.0 / 5.0 directory traversal vulnerabilities (VU#111677 and CA-2001-12) - from client to web server via scanning for the back doors left behind by the "Code Red II" (IN-2001-09), and "sadmind/IIS" (CA-2001-11) worms

The worm modifies web documents (e.g., .htm, .html, and .asp files) and certain executable files found on the systems it infects, and creates numerous copies of itself under various file names.

We have also received reports of denial of service as a result of network scanning and email propagation.

Further White Paper Details
Publisher	CERT Coordination Center	File Format	HTML
Date Published	September 2001
Format	White Papers
Topics	N/A

Did you find this white paper useful?

Delivering Information in Real Time

Publisher:
IBM

IDC reports on Novell's Secure Desktop Solution: A Modern-Day Marriage of Business Benefit and Risk Reduction

Publisher:
Novell

Green IT: Reducing your Carbon Footprint with Citrix

Publisher:
Citrix Systems

A Day in a Low Carbon Life 2012

Publisher:
IBM

Does 802.11n deliver better wireless services for Enterprises?

Publisher:
Siemens

Gnutella worm threatens music lovers

Jack Clark, spokesman for anti-virus company Network Associates, said: "It's about concept more than actual damage, but it should remind everyone that wherever people are sharing files there could be a malicious pair of eyes watching.

Channel:
Security Strategy

Does the internet have 24 hours to live?

Code Red propagates itself by scanning for systems with a vulnerability in Microsoft's IIS software. Although reports vary, some experts suggest up to 350,000 computers have so far been infected by the malicious worm.

Channel:
Security Strategy

Worm warning: Supova doesn't believe in God

Anti-virus firm Symantec is warning users of the popular KaZaA file-sharing network to beware of a new worm which attempts to spread by posing as tempting files. The worm can come under the guise of any number of different file names, but users...

Channel:
Security Strategy

Worm warning: Another little wriggler plagues Kazaa

A computer infected by a Trojan can be employed by a malicious hacker to take part in a Denial of Service attack. Anti-virus firm Kaspersky Labs said on Thursday that it had detected the worm, called Duload, spreading across the Kazaa network.

Channel:
Security Strategy

Virus alerts: Malware in waiting for post-xmas chaos

Users can remove the worm simply by scanning their PCs with antivirus software that has up-to-date virus definitions, from Panda, Symantec, McAfee or others. The Jitux.A worm has already begun to spread via MSN Messenger, according to Panda Software.

Channel:
Security Strategy

Symantec plugs virus scanning flaw

Symantec has issued a patch for a flaw in its scanning software that could cause a virus to execute, rather than catch it. Symantec said in an advisory: "The impact of this vulnerability is exaggerated by the fact that many email and other traffic...

Channel:
Security Strategy

IDC reports on Novell's Secure Desktop Solution: A Modern-Day Marriage of Business Benefit and Risk Reduction

This IDC whitepaper examines how companies are turning to integrated security solutions, such as Novell Secure Desktop Solution, to deal with the vulnerability of mobile assets and implement a comprehensive security strategy.

Publisher:
Novell

Getting Started with Master Data Management

Master data management forms part of an overall enterprise governance program that aims to establish trusted data throughout the enterprise. This white paper from Mike Ferguson of Intelligent Business Strategies defines master data, examines why it is needed, and explores methodologies for implementing master data management.

Publisher:
DataFlux

Balancing Security Against Productivity

What makes for great security? Is it about keeping the bad guys out or letting the good guys in? About defending attacks or preventing them? When IDG Research Services queried IT security professionals on the topic, intriguing insight into the effectiveness of security management came to light.

Publisher:
Novell

Also on silicon.com

Site Navigation:

White Papers

CERT® Advisory CA-2001-26 Nimda Worm

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific