lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 27 Jan 2006 19:45:47 -0500 From: Dude VanWinkle <dudevanwinkle@...il.com> To: Charles Cala <charles_cala@...oo.com> Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com Subject: Re: Urgent Alert: Possible BlackWorm DDay February 3rd (Snort signatures included) On 1/27/06, Charles Cala <charles_cala@...oo.com> wrote: > BlackWorm has a LAN infection vector. So does some kid hacking directly into your box, but he isnt a worm > No action on the part of the user of the > box on the LAN must happen for them to "get got", > thus this is a worm. http://www.f-secure.com/v-descs/nyxem_e.shtml Yes there is, read the fsecure write up. They have to have admin rights to their neighbors machine or the NFS vector, where they still have to click on the replaced.. you know what, it doesnt really matter. This "worm" will be gone in 7 days, so lets just agree that you are right and I am dead wrong. Sorry all, didnt meant to make noise. its a worm, just like MyDoom (http://en.wikipedia.org/wiki/Internet_worm) -JP "That guy is a moron" -F. Gump (speaking on JP's character) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists