| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: jkuperus at planet.nl (Jelmer) Subject: one new trojan It abuses the "MSIE JVM bytecode verifier" bug found by LSD in 2002 http://lsd-pl.net/vulnerabilities.html Patched by http://www.microsoft.com/technet/security/bulletin/MS03-011.mspx -----Original Message----- From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Willem Koenings Sent: zaterdag 24 juli 2004 19:14 To: full-disclosure@...ts.netsys.com Subject: [Full-Disclosure] one new trojan hi, today i encountered one new trojan : web.exe / services.exe, arrives in arc.zip and is executed via java. kaspersky doesn't identify this one yet. web exe is placed to the root dir, then copied as services.exe to the SystemRoot\inetg if anyone is curious to play with it : http://conyc.com/galleryg/arc.zip starter script is here: http://conyc.com/galleryg/starter.html willem. -- ___________________________________________________________ Sign-up for Ads Free at Mail.com http://promo.mail.com/adsfreejump.htm _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists