Sadmind

The Sadmind worm was a computer worm which exploited vulnerabilities in both Sun Microsystems' Solaris (Security Bulletin 00191, CVE-1999-0977) and Microsoft's Internet Information Services (MS00-078, CVE-2000-0884), for which a patch had been made available seven months earlier. It was discovered on May 8, 2001.^[4]

Backdoor Sadmind
Alias	sadmind/IIS Worm.PoizonBox[1]
Type	Computer worm
Origin	China
Technical details
Platform	Sun Microsystems Solaris[2] Microsoft IIS[3]
Written in	English

Specifically, the virus affected the sadmind daemon on Solaris systems which had sadmind enabled in inetd.conf, since the sadmind daemon normally ran with root privileges.^[5]

fuck USA Government
fuck PoizonBOx

contact:sysadmcn@yahoo.com.cn

Message displayed on sites altered by Sadmind worm.

The worm defaced web servers with a message against the United States government^[6] and the anti-Chinese cracking group PoizonBOx.^[7]

Systems affected by version

Microsoft (IIS):

• Version 4.0^[8]
• Version 5.0

Sun Microsystems (Solaris):

• Version 2.3
• Version 2.4^[9]

See also

• Timeline of computer viruses and worms
• Comparison of computer viruses
• Computer viruses