Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.10767
Categoría:Malware
Título:Tests for Nimda Worm infected HTML files
Resumen:Your server appears to have been compromised by the; Nimda mass mailing worm. It uses various known IIS vulnerabilities to compromise the; server.
Descripción:Summary:
Your server appears to have been compromised by the
Nimda mass mailing worm. It uses various known IIS vulnerabilities to compromise the
server.

Vulnerability Insight:
Anyone visiting compromised Web servers will be prompted to
download an .eml (Outlook Express) email file, which contains the worm as an attachment.

Also, the worm will create open network shares on the infected
computer, allowing access to the system. During this process
the worm creates the guest account with Administrator privileges.

Note: this worm has already infected more than 500.000 computers
worldwide since its release in late 2001.

Solution:
Take this server offline immediately, rebuild it and
apply ALL vendor patches and security updates before reconnecting server to the internet,
as well as security settings discussed in

Additional Information section of Microsoft's web site linked in the references.

Check ALL of your local Microsoft based workstations for infection.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2001-0545
Computer Incident Advisory Center Bulletin: L-132
http://www.ciac.org/ciac/bulletins/l-132.shtml
Microsoft Security Bulletin: MS01-044
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-044
http://www.osvdb.org/5736
XForce ISS Database: iis-url-redirection-dos(6981)
https://exchange.xforce.ibmcloud.com/vulnerabilities/6981
Common Vulnerability Exposure (CVE) ID: CVE-2001-0508
BugTraq ID: 2690
http://www.securityfocus.com/bid/2690
Bugtraq: 20010506 IIS 5.0 PROPFIND DOS #2 (Google Search)
http://online.securityfocus.com/archive/1/182579
http://www.osvdb.org/5606
http://www.osvdb.org/5633
http://www.iss.net/security_center/static/6982.php
Common Vulnerability Exposure (CVE) ID: CVE-2001-0544
BugTraq ID: 3195
http://www.securityfocus.com/bid/3195
XForce ISS Database: iis-invalid-mime-header-dos(6983)
https://exchange.xforce.ibmcloud.com/vulnerabilities/6983
Common Vulnerability Exposure (CVE) ID: CVE-2001-0506
BugTraq ID: 3190
http://www.securityfocus.com/bid/3190
Bugtraq: 20010817 NSFOCUS SA2001-06 : Microsoft IIS ssinc.dll Buffer Overflow Vulnerability (Google Search)
http://marc.info/?l=bugtraq&m=99802093532233&w=2
Bugtraq: 20011127 IIS Server Side Include Buffer overflow exploit code (Google Search)
http://online.securityfocus.com/archive/1/242541
XForce ISS Database: iis-ssi-directive-bo(6984)
https://exchange.xforce.ibmcloud.com/vulnerabilities/6984
Common Vulnerability Exposure (CVE) ID: CVE-2001-0507
Bugtraq: 20010816 ENTERCEPT SECURITY ALERT: Privilege Escalation Vulnerability in Microsoft IIS (Google Search)
http://online.securityfocus.com/archive/1/205069
http://www.osvdb.org/5607
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A909
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A912
XForce ISS Database: iis-relative-path-privilege-elevation(6985)
https://exchange.xforce.ibmcloud.com/vulnerabilities/6985
CopyrightCopyright (C) 2001 Matt Moore

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2022 E-Soft Inc. Todos los derechos reservados.