x
48h OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
SPECIAL OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET A 50% OFF
x
CHRISTMAS OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 40% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 50% OFF
x
BLACKFRIDAY OFFER
Buy the best antivirus
at the best price
TODAY ONLY UP TO 70% OFF
x
CYBERMONDAY OFFER
Buy the best antivirus
at the best price
(Only for homeusers)
TODAY ONLY UP TO 70% OFF
Active Scan. Scan your PC free
Panda Protection

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Encyclopedia GetVirusCard True 0

Sadmin-IIS

 
Threat LevelModerate threatDamageHighDistributionNot widespread
Common name:Sadmin-IIS
Technical name:Sadmin-IIS
Threat level:Low
Type:Virus
Effects:   It carries out damaging actions on the affected computer. It does not spread automatically using its own means.
Affected platforms:

MS-DOS

Detection updated on:May 10, 2001
StatisticsNo

Brief Description 

    

Sadmin-IIS is a worm that takes advantage of certain vulnerabilities existing in servers based on Solaris (Sun Microsistems) and IIS (Microsoft) systems.

 

In the case of Solaris, the vulnerability consists of a stack buffer overflow that can be exploited by the attacker to execute a number of commands. This would make it possible for hackers to obtain admnistrator rights and carry out any action on the system that requires this type of privilege. Similarly, in IIS systems attackers will be able to access the server having administrator rights.

 

The worm uses the aforementioned vulnerabilities to attack Solaris and IIS systems, as well as find other systems with the same flaws. In that case, Sadmin-IIS would propagate to those systems in order to attack them.

Visible Symptoms 

    

The worm can change the home page of web servers. The new page would look as follows: