The Web    Google
2/8: Wallz Worm Exploits LSAS Flaw

2/8: Wallz Worm Exploits LSAS Flaw
February 8, 2005

W32.Wallz is a worm that attempts to exploit the Microsoft Windows Local Security Authority Service Remote Buffer Overflow (described in Microsoft Security Bulletin MS04-011). The worm spreads by randomly scanning IP addresses for computers vulnerable to this threat.

Technical details can be found at Symantec page.

  • Virus Update: Lovgate Worm Still Out
  • 5/2: LegMir-DR a Password-Stealing Trojan
  • IRS Giving Goods Away
  • 7/30: Tompai-A Has Backdoor Functionality
  • 8/20: Rbot-GS Exploits Vulnerabilities
  • 10/29: Beagle@mm!CPL Detects Worms
  • A case study in security incident forensics and response.
  • Major Vendors Team for Open Security Standard
  • Netsky-C Hammers U.S. and U.K.
  • Is a Job in Security the Cure for Job Insecurity?
  • 3/8: SymbOS/Commwarrior-A Hits Nokia
  • Cheap Security Camera