Proceed to WirelessDevNet Home Page
Publications, e-books, and more! Community Tutorials Store Downloads, tools, & Freebies! IT Career Center News Home
newnav.gif
Newsletters
EMail Address:
   Content
  - Articles
  - Columns
  - Training
  - Library
  - Glossary
 
   Career Center
  - Career Center Home
  - View Jobs
  - Post A Job
  - Resumes/CVs
  - Resource Center
 
   Marketplace
  - Marketplace Home
  - Software Products
  - Wireless Market Data
  - Technical Books
 
   News
  - Daily News
  - Submit News
  - Events Calendar
  - Unsubscribe
  - Delivery Options
 
   Community
  - Discussion Boards
  - Mailing List
  - Mailing List Archives
 
   About Us
  - About WirelessDevNet
  - Wireless Source Disks
  - Partners
  - About MindSites Group
  - Advertising Information
 

Wireless Developer Network - Daily News

Visit the WirelessDevNet Symbian DevZone

Today's News | Yesterday's News | Submit News | News-"wireless" Top Stories! | Around-The-Web | Wireless DevZones!

Worm Has Exploited 'MS Index Server & Indexing Service ISAPI Buffer Overflow' Vulnerability


SAN JOSE, Calif., July 20 /PRNewswire/ -- A vicious worm may have already infected thousands of computers running on Microsoft IIS Web servers. The worm exploits a known vulnerability, "MS Index Server and Indexing Service ISAPI Extension Buffer Overflow" (the .ida attack). The worm defaces sites that run the English version of the Windows NT/2000 operating system and replicates itself to vulnerable Web servers creating a possible vast Denial-Of-Service situation.

Impact On Web Sites

Several sites that run the English version of Windows NT/2000 operating systems have already been infected and some defaced. The defacement works for 10 hours, or until the machine is rebooted. Machines targeted by the worm are subject to a Denial of Service attack regardless of whether they were infected with the worm or not. Recent reports indicate that within the next 24 hours the Code Red worm could also run Denial-Of-Service attacks against http://www.whitehouse.gov, thereby defacing and crippling certain U.S. government Web sites.

According to a recent bulletin, the worm: -- Sets up 100 threads out of which 99 spread the worm by infecting other sites. -- The thread defaces the Web site in English Windows systems A Microsoft advisory several weeks ago recommended a patch and workaround. Still, the number of servers that were penetrated by the worm is vast. This incident demonstrates, once more, the inherent problem of system owners to promptly apply patches and to configure their systems properly. The Red Code worm has been a known vulnerability for some time, according to Dr. Yona Hollander, Entercept Security Technologies vice president of strategy. However, it is difficult for many site managers to stay on top of the patches before, during and even after the attacks.

Entercept Advisory

Entercept Security Technologies has advised it customers running its Web Server agents, that they are safe from the Red Worm attack, since the Entercept Web Server agent prevents the attacks at multiple layers.
Sponsors

Search

Eliminate irrelevant hits with our industry-specific search engine!





Wireless Developer Network - A MindSites Group Trade Community
Copyright© 2000-2010 MindSites Group / Privacy Policy
Send Comments to:
feedback@wirelessdevnet.com