Alias:
Category: Win32
Type: Worm
Published Date: 2/24/2004
Last Modified: 2/24/2004
CHARACTERISTICS
Win32.Nachi.D is a worm that spreads by exploiting up to four different vulnerabilities in Microsoft Windows and through the backdoor installed by Win32.Mydoom.A worm.
1. Microsoft IIS WebDAV vulnerability (through TCP port 80):
http://www.microsoft.com/technet/security/bulletin/MS03-007.asp
2. Microsoft RPC Locator vulnerability (through TCP port 445):
http://www.microsoft.com/technet/security/bulletin/MS03-001.asp
3. Microsoft DCOM RPC vulnerability (through TCP port 135):
http://www.microsoft.com/technet/security/bulletin/MS03-039.asp
4. Microsoft Windows Workstation Service vulnerability (through TCP port 445):
http://www.microsoft.com/technet/security/bulletin/MS03-049.asp
Win32.Nachi.D only works on Windows NT/2000/XP/2003 operating systems.
http://www3.ca.com/virusinfo/virus.aspx?ID=38383

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic