| 1. | Email-Worm.Win32.Eyeveg.g
This worm spreads via the Internet as an attachment to infected emails. It also spreads via open network resources. It sends itself to email addresses harvested from the infected computer.
It is written in Visual C++ and packed using UPX. The program has two files: an executable (EXE) file and a...
|
| 2. | Email-Worm.Win32.Eyeveg.b
This worm is written in Visual C++ and packed using UPX. The file is 41480 bytes in size.
Installation
The worm copies itself to the system directory under a random name which consists of six characters. It then registers this file in the system registry:...
|
| 3. | Email-Worm.Win32.Eyeveg.f
This worm is written in Visual C++ and is made up of two files, an executable file (EXE) and a dynamic link library (DLL), which is found within the EXE file. The EXE file is packed using UPX, and it is 80384 bytes in size. The DLL file is 77824 bytes in size.
Installation
The worm copies itself...
|
| 4. | Net-Worm.Linux.Adm
This is the worm infecting Linux systems. The worm was discovered in spring
1998. It spreads itself from system to system by using a Linux security
breach (so called "buffer overrun" breach) that allows to upload to remote
system and run there a short piece of code that then downloads and
activates...
|
| 5. | Net-Worm.Linux.Cheese
Text written by Costin Raiu, Kaspersky Lab, Romania
This is an Internet worm that replicates between systems that were previously hacked by the "Ramen" Linux worm, and not the "Lion" or "Adore" worms as it is stated in other various descriptions, or the worm itself.
(see the text below) "Cheese"...
|
| 6. | Net-Worm.Linux.Lupper.a
This malicious program spreads as an ELF format file and represents a threat to Linux web servers.
The worm spreads via the following vulnerabilities:
AWStats Rawlog Plugin Logfile Parameter Input Validation Vulnerability (Bugtraq 10950);
XML-RPC for PHP Remote Code Injection Vulnerability...
|
| 7. | Net-Worm.Linux.Mighty
"Mighty" is an Internet worm that infects Linux machines running the popular "Apache" web server software. It does that by exploiting a vulnerability in the "Secure Sockets Layer" SSL "mod_ssl" interface code of the server which was originally reported on July 30, 2002, and listed by the Computer...
|
| 8. | Net-Worm.Linux.Ramen
This is the first known worm infecting RedHat Linux systems. The worm was discovered in the middle of January 2001. The worm spreads itself from system to system by using a RedHat security breach (a so-called "buffer overrun" breach) that allows for uploading to a remote system and running a short...
|
| 9. | Net-Worm.Linux.Slapper.a
"Slapper" is an Internet worm that infects Linux machines running the popular "Apache" web server software. It does that by exploiting a vulnerability in the "Secure Sockets Layer" SSL "mod_ssl" interface code of the server which was originally reported on July 30, 2002, and listed by the Computer...
|
| 10. | Net-Worm.Perl.Santy.a
This worm uses a vulnerability in phpBB, which is used to create forums and web sites, to spread via the Internet. phpBB versions lower than 2.0.11 are vulnerable.
The worm is written in Perl, and is 4966 bytes in size.
Propagation
The worm creates a specially formulated Google search request....
|
