LOGBOOK

HELP

Quiz Entry - updated: 2026.07.05

What was the Morris Worm and what did it demonstrate about buffer overflows?

The 1988 Morris Worm was the first major internet worm; by exploiting buffer overflows in Unix services it proved such bugs could give remote code execution and take down machines network-wide.

The Morris Worm (1988) was the first major internet worm, written by Robert Morris as an experiment to estimate internet size. It spread using:

  • Dictionary attacks on weak passwords
  • Buffer overflow exploits in Unix services (fingerd, sendmail)

What went wrong: A bug caused it to reinfect machines repeatedly, consuming all resources and crashing ~6,000 computers (~10% of the internet at the time).

Security significance:

  1. Demonstrated that buffer overflows could achieve remote code execution
  2. Showed that a single vulnerability could have cascading network-wide effects
  3. Led to creation of CERT (Computer Emergency Response Team)
  4. First prosecution under Computer Fraud and Abuse Act

The Morris Worm proved that theoretical vulnerabilities could cause real-world catastrophic damage.

Go deeper:

  • doc Morris worm (Wikipedia) — corroborates fingerd/sendmail exploits, ~6,000 machines, CERT, first CFAA conviction.

From Quiz: SPRG / Buffer Overflow | Updated: Jul 05, 2026