Nimda proved effective partially because it—unlike other infamous malware like
Code Red—uses five different infections
vectors: •
Email • Open
network shares • Browsing of compromised
web sites •
Exploitation of various
Internet Information Services (IIS) 4.0 / 5.0 directory traversal vulnerabilities. (Both Code Red and Nimda were hugely successful in exploiting well-known and long-solved vulnerabilities in the Microsoft IIS Server.) • Back doors left behind by the "Code Red II" and "
sadmind/IIS" worms. ==See also==