Welcome to the Virus Encyclopedia of Panda Security.
Sadmin-IIS is a worm that takes advantage of certain vulnerabilities existing in servers based on Solaris (Sun Microsistems) and IIS (Microsoft) systems.
In the case of Solaris, the vulnerability consists of a stack buffer overflow that can be exploited by the attacker to execute a number of commands. This would make it possible for hackers to obtain admnistrator rights and carry out any action on the system that requires this type of privilege. Similarly, in IIS systems attackers will be able to access the server having administrator rights.
The worm uses the aforementioned vulnerabilities to attack Solaris and IIS systems, as well as find other systems with the same flaws. In that case, Sadmin-IIS would propagate to those systems in order to attack them.
The worm can change the home page of web servers. The new page would look as follows:
ARE YOU FACING ANY PC OR INTERNET RELATED PROBLEMS? FREE SUPPORT INCLUDED. CALL US 24/7
powered by Anytech365