izzzy12k
09-18-2001, 02:25 PM
http://www.sarc.com/avcenter/venc/data/w32.nimda.a@mm.html
W32.Nimda.A@mm is a new mass-mailing worm that utilizes email to propagate itself. The threat arrives as a file named readme.exe in an email.
In addition, the worm sends out probes to Microsoft IIS servers attempting to spread itself by using the Unicode Web Traversal exploit similar to W32.BlueCode.Worm. Compromised servers may display a webpage prompting a visitor to download an Outlook file which contains the worm as an attachment.
W32.Nimda.A@mm is a new mass-mailing worm that utilizes email to propagate itself. The threat arrives as a file named readme.exe in an email.
In addition, the worm sends out probes to Microsoft IIS servers attempting to spread itself by using the Unicode Web Traversal exploit similar to W32.BlueCode.Worm. Compromised servers may display a webpage prompting a visitor to download an Outlook file which contains the worm as an attachment.