 |
For GP-Web customers:
sadmind/IIS worm problem/solution information |
|
|
|
| The following explanation concerns a problem that may occur when using the WindowsNT® or Windows2000® 's Web Server to view GP-Web data over the Internet. |
|
| 1. |
Overview |
|
A new piece of self-propagating malicious code, referred to here as the "sadmind/IIS worm", has recently been reported. The worm uses two well-known vulnerabilities to compromise systems and deface web pages. First, the worm exploits a 2-year old buffer overflow vulnerability in Solaris systems and installs software to attack Microsoft IIS web servers. It will also propagate itself to other vulnerable Solaris systems.
The installed software has a vulnerability to compromise Microsoft IIS systems (Microsoft Internet Information Server 4.0 and Microsoft Internet Information Services 5.0) that have not yet installed a patch (fix). |
|
| 2. |
Solutions |
|
Pro-face strongly recommends users download the appropriate patch from Microsoft's home page. See the URL information below for site details. |
|
| Microsoft TechNet |
|
http://www.microsoft.com/technet/security/bulletin/ms01-026.asp
|
| JPCERT/CC |
|
http://www.cert.org/advisories/CA-2001-11.html |
|
|
|
|
|
