2001 CERT Incident Notes

In 2001, CERT published 15 incident notes:

• IN-2001-01: Widespread Compromises via "ramen" Toolkit
• IN-2001-02: Open mail relays used to deliver "Hybris Worm"
• IN-2001-03: Exploitation of BIND Vulnerabilities
• IN-2001-04: "Carko" Distributed Denial-of-Service Tool
• IN-2001-05: The "cheese" Worm IN-2001-06: Verification of Downloaded Software
• IN-2001-07: W32/Leaves: Exploitation of previously installed SubSeven Trojan Horses
• IN-2001-08: "Code Red" Worm Exploiting Buffer Overflow In IIS Indexing Service DLL
• IN-2001-09: "Code Red II:" Another Worm Exploiting Buffer Overflow in IIS Indexing Service DLL
• IN-2001-10: "Code Red" Worm Crashes IIS 4.0 Servers with URL Redirection Enabled
• IN-2001-11: Cache Corruption on Microsoft DNS Servers
• IN-2001-12: Exploitation of vulnerability in SSH1 CRC-32 compensation attack detector
• IN-2001-13: "Kaiten" Malicious Code Installed by Exploiting Null Default Passwords in MS-SQL 38
• IN-2001-14: W32/BadTrans Worm
• IN-2001-15: W32/Goner Worm

CERT incident notes are now a core component of US-CERT's Technical Cyber Security Alerts and Current Activity. We provide these incident notes, published by year, for historical purposes.