| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <006b01c2c4a7$14054f30$6601a8c0@rms2> From: rms at computerbytesman.com (Richard M. Smith) Subject: Is Sapphire the world's smallest computer worm? At 376 bytes, is this new Sapphire worm the world's smallest computer worm? The only competition I can think of is the Morse worm. Anybody know how big it was? Richard -----Original Message----- From: cstone [mailto:cstone@...ox.com] Sent: Saturday, January 25, 2003 7:08 AM To: Michael Bacarella Subject: Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! On Sat, Jan 25, 2003 at 02:11:41AM -0500, Michael Bacarella wrote: > I'm getting massive packet loss to various points on the globe. > I am seeing a lot of these in my tcpdump output on each > host. > > It looks like there's a worm affecting MS SQL Server which is > pingflooding addresses at some random sequence. yeah. i guess it's an old vulnerability, but i don't keep up on this stuff. however, i have disassembled the code inside; all it does is send itself to pseudorandomly generated hosts. there is an annotated disassembly at http://www.boredom.org/~cstone/worm-annotated.txt --cstone@...ox.com
Powered by blists - more mailing lists