Sadmind

The Sadmind worm was a computer worm which exploited vulnerabilities in both Sun Microsystems' Solaris (Security Bulletin 00191) and Microsoft's Internet Information Services (MS00-078), for which a patch had been made available seven months earlier. It was discovered on May 8, 2001.[4]

Sadmind
Common nameBackdoor Sadmind
Aliases
  • sadmind/IIS
  • Worm.PoizonBox[1]
TypeComputer worm
Point of originChina
Operating system(s) affected
Written inEnglish
fuck USA Government
fuck PoizonBOx
contact:sysadmcn@yahoo.com.cn
Message displayed on sites altered by Sadmind worm.

The worm defaced web servers with a message against the United States government[5] and the anti-Chinese cracking group PoizonBOx.[6]

Systems affected by versionEdit

Microsoft (IIS):

  • Version 4.0[7]
  • Version 5.0

Sun Microsystems (Solaris):

  • Version 2.3
  • Version 2.4[8]

See alsoEdit

ReferencesEdit

  1. ^ "Sadmind". F-secure. Retrieved 9 February 2013. CS1 maint: discouraged parameter (link)
  2. ^ "CERT Advisory CA-2001-11: sadmind/IIS Worm". Carnegie Mellon University Software Engineering Institute. Archived from the original on 2001-11-07. Retrieved 5 October 2019.CS1 maint: unfit URL (link)
  3. ^ "Microsoft IIS and PWS Extended Unicode Directory Traversal Vulnerability". Security Focus. Retrieved 9 February 2013. CS1 maint: discouraged parameter (link)
  4. ^ "Backdoor.Sadmind". Symantec. Retrieved 9 February 2013. CS1 maint: discouraged parameter (link)
  5. ^ "Unix/SadMind - Worm - Sophos threat analysis". Accessed January 13, 2008.
  6. ^ Raiu, Costin. "One Sad Mind". Accessed January 13, 2008.
  7. ^ "New Sadmind/IIS Worm Defaces Websites and Compromises Internet Security". e-Corp. Archived from the original on 2016-03-04. Retrieved 9 February 2013. CS1 maint: discouraged parameter (link)
  8. ^ "Malware FAQ: Sadmind/IIS Worm". SANS. Retrieved 2019-10-06. CS1 maint: discouraged parameter (link)

External linksEdit