ITrain Homepage

Site Directory
Membership
Train-the-Trainer
Trainer Certification
Certified Training Materials
ITinfo E-zine
Responsible Training
White Papers
Trainer Resources
What's New
Speaking Engagements
Onsite Training
ITrain Gear



Popular Links
Speaking Engagements
Training Manuals
Certification
Train the Trainer
The Training Book
Technical Writing
Privacy Policy

Print this document

Google
Web ITrain.org

Solaris & IIS At Risk

CERT warns of new Internet worm

ITinfo Sponsor

ERROR: Random File Unopenable

ERROR: Random File Unopenable

The random file, as specified in the $random_file perl variable was unopenable.

The file was not found on your file system. This means that it has either not been created or the path you have specified in $trrandom_file is incorrect.

Worm Infects Microsoft IIS and Solaris Servers

by Dave Murphy
ISSN 1535-3613

Dave Murphy, ITrain founder CERT, Carnegie Mellon University's Computer Emergency Response Team, has received numerous reports of a worm that infects servers running Sun Microsystems Solaris OS and Microsoft Internet Information Server (IIS).

The worm takes advantage of known security flaws in both servers' software to compromise systems and deface web pages, according to CERT, which has named the malicious code the "sadmind/IIS worm."

"We have received a very large number of reports of systems being compromised by the worm, both Solaris and IIS systems," said Chad Dougherty, Internet security analyst at CERT. "We started receiving reports early on Monday." The Solaris system is entered by using a 2-year-old buffer overflow vulnerability. Then a security hole that was uncovered seven months ago is used to break into the IIS system.

Once infected the Solaris system is used to scan and compromise other Solaris systems and IIS systems, CERT said.

Patches to both Sun's and Microsoft's software have been publicly available for quite a while. However, it's our experience that many network administrators don't make full efforts to secure their servers, even when patches are freely released and well documented.

Call for Comments

What do you think? Leave your comments on the message center.

References

CERT Advisory
Sun Microsystems
Microsoft
Message Center

Related Article

Microsoft IIS 5.0 Opens Security Hole in Windows 2000

Subscribe to ITinfo.
Receive computing and Internet news & tips
by subscribing to the ITinfo information service.
Type your Internet email address in the form, and click "Subscribe."
Email Address:

Previous issues are on our website at http://itrain.org/itinfo/.

International Association of Information Technology Trainers
PMB 616
6030-M Marshalee Dr
Elkridge, MD 21075-5987

410.567.5366
1.888.290.6200
fax: 801.650.0423
Membership Director: member@itrain.org

Return to ITrain Homepage

Copyright © 2001 International Association of Information Technology Trainers, Ltd., All Rights Reserved

http://itrain.org/itinfo/2001/it010508.html
updated May 8, 2001