[33567] in bugtraq
Re: Outbreak warning: possibly Mydoom.C (Now Deadhat/Vesser)
daemon@ATHENA.MIT.EDU (Gadi Evron)
Tue Feb 10 12:40:33 2004
Message-ID: <4028A06B.10403@linuxbox.org>
Date: Tue, 10 Feb 2004 11:12:11 +0200
From: Gadi Evron <ge@linuxbox.org>
MIME-Version: 1.0
To: bugtraq@securityfocus.com
In-Reply-To: <022a01c3ef58$877c0bc0$5b00005a@moregarlic.com>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
> They all have it as a low-incidence in the wild. What I don't understand is that if it
> hasn't spread, what caused the attack against Microsoft this morning?
A worm that spreads this way can't become huge for obvious reasons, but
it still spreads, thus the DDoS against MS.
There is a some (naming) confusion in the different vendor web pages
about this worm, but the interesting part is that Mydoom.A's source code
is included.
Gadi
