Disclaimer: This news item was originally posted on Saturday, Aug 23, 2003. Its content may no longer be timely or accurate.

Nachi or W32.Welchia.Worm exploits DCOM RPC and WebDav vulnerabilities

Posted: 10:43:11, Saturday, Aug 23, 2003   Expiration: 19:00:00, Friday, Aug 29, 2003

Nachi or W32.Welchia.Worm exploits DCOM vulnerability using TCP port 135 and WebDav vulnerability using TCP port 80.

Nachi or W32.Welchia.Worm exploits DCOM vulnerability using TCP port 135 and WebDav vulnerability using TCP port 80.

Norton/Symantec Antivirus definitions dated 8/18/2003 can detect W32.Welchia.Worm.

Symantec also provides a removal tool that will clean W32.Welchia.Worm off an infected system.

For details and solutions, please see Help Desk knowledgebase document 2174.

-- Chris Mayeshiba, DoIT Help Desk

Created: 10:43:11, Saturday, Aug 23, 2003 (by WWANG4)
Updated: 11:05:06, Saturday, Aug 23, 2003 (by WWANG4)