Overview Edit

The Code Red worm was a computer worm first observed on the Internet on July 13, 2001. It attacked computers running Microsoft's IIS web server. The worm spread itself using a common type of vulnerability known as a buffer overflow. It did this by using a long string of the repeated character 'N' to overflow a buffer, allowing the worm to execute arbitrary code and infect the computer. The worm propagated and infected systems faster than anyone's ability to download and install the necessary corrective patches.

The worm "infected more than 359,000 computers in less than 14 hours and 2,000 new infections per minute occurred during the height of its attack."[1]

References Edit

  1. Information Technology for Counterterrorism: Immediate Actions and Future Possibilities, at 19.

External resources Edit

  • CERT® Advisory CA-2001-19 "Code Red" Worm Exploiting Buffer Overflow In IIS Indexing Service DLL (July 19, 2001, revised, Jan. 17, 2002) (full-text).
  • CERT® Advisory CA-2001-23 Continued Threat of the "Code Red" Worm (July 26, 2001, revised, Jan. 17, 2002) (full-text).
  • CERT® Incident Note IN-2001-10: "Code Red" Worm Crashes IIS 4.0 Servers with URL Redirection Enabled (Aug. 16, 2001) (full-text).
  • CERT® Incident Note IN-2001-09: "Code Red II:" Another Worm Exploiting Buffer Overflow In IIS Indexing Service DLL (Aug. 6, 2001) (full-text).

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.