Code: p616 Severity: Warning
Description: This event is generated when an exploited Internet Information Server (IIS) host attempts to perform a tftp download of the file admin.dll to infect the host with the nimda worm. Impact: Administrator access. A successful attack can allow remote execution of commands with administrator privleges. Corrective: Apply the appropriate patch referenced in Microsoft Security Bulletin MS00-078.
|
