18 Sep
2001
18 Sep
'01
15:45
replying to myself: On September 18th, 2001 a new worm has been spreading globally. Nimda is a mass mailing worm that spreads itself in attachments named "readme.exe". Further the worm contains abilitity to scan and spread via Internet Information Server (IIS). To do that, the worm uses either a backdoor created by Sadmind and CodeRed worms, or IIS unicode vulnerability. Source: f-secure.com -- intraDAT AG http://www.intradat.com Wilhelm-Leuschner-Strasse 7 Tel: +49 69-25629-0 D - 60329 Frankfurt am Main Fax: +49 69-25629-256