hacking contest

hacking exploits security forum
hacking
compliance articles
upgrade backup exec
information security consultant
Help - Search - Member List - Calendar
Full Version: New Blaster Varients
GovernmentSecurity.org > The Archives > Exploit Articles
packet
Aug 14 2003, 01:34 PM
Not really very big news but there are a few new varients running around. They are W32.Blaster.C.Worm; W32.Blaster.B.Worm; W32.Randex.E and they apparently all use the same infection vector used by the W32.Blaster worm. But Randex, which seems to be the most different also uses some new ports like 113.

It also appears that it is also possible to be infected by port 593 which is RPC over HTTP but I haven't seen an actual verification of this yet.

-P.G.
ssj4conejo
Aug 14 2003, 03:54 PM
Interesting.... you know what this means = ).... well isps have been blocking ports 135 and the other regular rpc port, but if the worm starts using 113, and others i think isps wont be able to block every port, customers would be crying... in other words the RPC exploit might be revived if the worm keeps using different ports like that, i guess the author of the worm got too many death threats

rolleyes.gif ph34r.gif

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
 
Invision Power Board © 2001-2005 Invision Power Services, Inc.