Support News

Nachi or W32.Welchia.Worm exploits DCOM RPC and WebDav vulnerabilities

Posted: 2003-08-23 10:43:11   Expiration: 2003-08-29 19:00:00

Disclaimer: This news item was originally posted on 2003-08-23 10:43:11. Its content may no longer be timely or accurate.

Nachi or W32.Welchia.Worm exploits DCOM vulnerability using TCP port 135 and WebDav vulnerability using TCP port 80.

Nachi or W32.Welchia.Worm exploits DCOM vulnerability using TCP port 135 and WebDav vulnerability using TCP port 80.

Norton/Symantec Antivirus definitions dated 8/18/2003 can detect W32.Welchia.Worm.

Symantec also provides a removal tool that will clean W32.Welchia.Worm off an infected system.

For details and solutions, please see Help Desk knowledgebase document 2174.

-- Chris Mayeshiba, DoIT Help Desk