Antivirus: Virus Archives

Current client downloads:

	VScan Engine/Dat (SuperDat) -5300/2777.5511
	VirusScan Enterprise 8.5i (with Patch 6) - Windows NT/2000/XP/2003
	VirusScan Enterprise 7.1 - Windows NT/2000/XP/2003
	Virex (OS X) Engine/Def - 7.2(v1.1)/081029
	Virex (OS 9.x) Engine/Def - 6.2/071001
	Linux & Solaris Engine/Dat - 5.2.00/4.0.5196
	Symantec Antivirus - 10.1.7.7000
	Symantec Antivirus - 10.2
	Clean Boot 1.0
	Stinger v3.8.0 virus removal tool (Updated 09/10/07)

Current server downloads:

	VirusScan Enterprise 8.5
	VirusScan Enterprise 7.1
	NetShield NetWare - 4.6.2
	NetShield NetWare - 4.6.3
	NetShield NetWare Engine Update - 4.4.00
	ePO agent for NetWare
	ScanMail eManager - 3.0

	ePO 3.0/VirusScan 7.0 Presentation
	Virex 7.x Installation Instructions
	VirusScan FAQs
	VirusScan Instructions
	Additional Resources

List of Viruses

Virus Alert - Lion Worm Last Updated 03/23/2001

SANS reported a Linux worm called Lion was found in the wild. This worm takes advantage of known vulnerabilities in BIND versions 8.2, 8.2-P1, 8.2.1, 8.2.2-Px, and all 8.2.3-betas run on Linux BIND DNS servers. The worm uses these vulenerabilities to gain root access to the targeted machine.

Per NAI, once the worm gains root access it steals account and password information and sends it to 1i0nsniffer@china.com. After stealing account and password information it begins scanning for new machines to infect.

Risk to NIH should be minimal because NIH does not run BIND on Linux machines.

Security patches are available from Linux manufacturers to fix the BIND vulnerabilities.

For More Information:

From SANS: http://isc.sans.org//index.php
From NAI: http://vil.nai.com/vil/content/v_99056.htm
BIND vulenerabilities from ISC: http://www.isc.org/index.pl?/sw/bind/bind-security.php

This archive is not intended to be comprehensive. For a more complete virus library, please visit NAI's Virus Information Library at http://vil.nai.com.

Contact NIH Help Desk for assistance:
866-319-4357 (toll free), 301-496-4357 (6-HELP) (local), 301-496-8294 (TDD)
http://ithelpdesk.nih.gov/support
Register for iForgotMyPassWord

Center for Information Technology
National Institutes of Health
Bethesda, Maryland 20892

Questions or Comments | Disclaimers | Privacy Policy

Health and Human Services
Washington, D.C. 20201

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -