Ask the Expert

Backdoor access with Nimda

Can you explain why someone was able to use the NIMDA.E Version as a backdoor to a computer that I had to repair?

    Requires Free Membership to View

The Nimda worm uses an existing backdoor (Unicode exploit) to gain access to a system to install itself. Once someone has access to root.exe, they could do anything wanted on an unpatched, compromised host.

Once a system is properly patched, Nimda and other worms will not be able to use that entry point.

This was first published in November 2001

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: