BleepingComputer.com > Banwarum Worm - Offers Tickets For The World Cup?

Full Version: Banwarum Worm - Offers Tickets For The World Cup?

BleepingComputer.com > Security > Breaking Virus & Security News

harrywaldron

May 25 2006, 09:52 PM

QUOTE

W32.Banwarum@mm is a mass-mailing worm that uses its own SMTP engine to send an email to addresses that it gathers from the compromised computer. The worm also spreads through the network by exploiting the Microsoft Windows ASN.1 Library Bit String Processing Variant Heap Corruption Vulnerability (as described in Microsoft Security Bulletin MS04-007). The worm also opens a back door via HTTP access.

This new email threat should be easy for most users to avoid. The text of the message is in German and this new worm exploits vulnerabilities in MS04-007. Users should be cautious with all email messages.

Banwarum Worm - Offers Tickets for the WORLD CUP?
http://www.f-secure.com/weblog/archives/ar...6.html#00000885
http://secunia.com/virus_information/29439/banwarum/
http://secunia.com/virus_information/29440/banwarum.dll/
http://secunia.com/virus_information/29438/ranchneg.a/

Diagram of worm behavior
http://www.trendmicro.com/vinfo/images/WOR...NCHNEG_A_BD.gif

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.