Quote:
|
Originally Posted by threadbare
not really! the welchia virus was a blended threat and was active on other ports not just 135
|
it was ACTIVE on other portsd ( it uses udp port 69, tftp, to retrieve its download, but it MUST make contact on port 135 in order to infect a machine, it relies on a vulnerability within the RPC service in windows that allows arbitrary code execution, without that, it cant do anything.
Other viruses do use other vulnerabilities in other services ( 137 for example is one of the filesharing ports, which also has similar vulnerabilities ) but they are not variants of blaster, they are different viruses, ok, I maybe splitting hairs, but claiming that blaster can spread using different ports is just wrong.