lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <e024ccca0601271645p7ef6dd47x2c1fc2f70abfef71@mail.gmail.com>
Date: Fri, 27 Jan 2006 19:45:47 -0500
From: Dude VanWinkle <dudevanwinkle@...il.com>
To: Charles Cala <charles_cala@...oo.com>
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: Re: Urgent Alert: Possible BlackWorm DDay February
	3rd (Snort signatures included)


On 1/27/06, Charles Cala <charles_cala@...oo.com> wrote:
> BlackWorm has a LAN infection vector.

So does some kid hacking directly into your box, but he isnt a worm

> No action on the part of the user of the
> box on the LAN must happen for them to "get got",
> thus this is a worm.

http://www.f-secure.com/v-descs/nyxem_e.shtml
Yes there is, read the fsecure write up. They have to have admin
rights to their neighbors machine or the NFS vector, where they still
have to click on the replaced..

you know what, it doesnt really matter. This "worm" will be gone in 7
days, so lets just agree that you are right and I am dead wrong.

Sorry all, didnt meant to make noise. its a worm, just like MyDoom
(http://en.wikipedia.org/wiki/Internet_worm)

-JP
"That guy is a moron"
-F. Gump (speaking on JP's character)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ