|
|
Rubrik: Virenwarnung/Aktuelle Meldungen Central
Command: Internet Virus Alert: New RPC Computer Worm Named Worm/Lovsan.A Worm
Exploiting the Known RPC Buffer Overrun Vulnerability Gains Momentum (12.08.03)
- Central Command, provider of PC anti-virus software and services, today
warns Internet users of Worm/Lovsan.A, an Internet worm circulating
worldwide. Discovered on August 11, 2003, Worm/Lovsan.A, attempts to use the
RPC Buffer Overrun vulnerability (a security hole) within un-patched
Microsoft Windows NT, Windows 2000, Windows XP and Microsoft Windows serverT
2003 operating systems. This Internet worm does not affect Linux, Unix and
Apple users.
Anzeige
Worm/Lovsan.A
is an Internet worm that exploits known security vulnerability in Microsoft's
Windows Distributed Component Object Model (DCOM) Remote Procedure Call (RPC)
interface. This security breach allows someone with malicious intent to run
code of his or her choice. TCP port directly affected by this exploit
includes: 135. Worm/Lovsan.A
will download and run the file msblast.exe using the Trivial File Transfer
Protocol (Tftp). "Unfortunately,
un-patched systems are again proving to be a vector for fast spreading Internet
based worms. Updating antivirus software and patching systems against the
latest exploits and vulnerabilities should become standard habit," said
Steven Sundermeier, Vice President of Products and Services at Central
Command, Inc. "A properly patched system would prevent someone with
malicious intent from successfully gaining control over a compromised
computer under the scope of this vulnerability." A
detailed analysis can be found at www.centralcommand.com.
A patch
has been available for since July 2003. More information about this
vulnerability can be found in Microsoft Security Bulletin MS03-026. (ma) Central
Command Inc. Contact:
Steven Sundermeier, Product Manager Tel.
(001-330) 723-2062 x204, Fax (001-330) 722-6517 E-Mail:
ssundermeier@centralcommand.com |
