September 18, 2001

Concept Virus(CV) V.5 - advisory and quick analysis

Author: JT Smith

Posted at Help Net Security: "We've all just been hit by a VERY aggressive worm/virus.

Quick analysis indicates that it propagates itself in a number of different ways:

Through use of IIS UNICODE direcory traversal coupled with the recent IIS .dll privilege escalation attack. It uses SMB/CIFS and TFTP to get the worm payload.

Through MAPI mails (probably to all of addressbook)."


  • Linux
Click Here!