| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <F083C20DA3BED51189A500508B8B827B043695D7@Exchangemail> From: matt.bell at ladarling.com (Matt Bell) Subject: DCOM Worm? Yup.. confirmed here. Already had it hit a user, it saves itself as c:\%systemroot%\system32\msblast.exe See here: http://isc.sans.org/diary.html?date=2003-08-11 > -----Original Message----- > From: Carl Sager [mailto:orniter@...oo.com] > Sent: Monday, August 11, 2003 2:52 PM > To: full-disclosure@...ts.netsys.com > Subject: [Full-Disclosure] DCOM Worm? > > > I'm working as a technician and have had 3 people > from the local area call within the last hour about a > problem with having their computer shut down after > giving a one minute warning. This only happens when > they have an internet connection - if they boot up > with a network cable plugged in, even if they don't > have a browser or any other apps open, it'll shut > down. It looks like they're all running NT/2k/XP as > well - is this a DCOM worm? > > __________________________________ > Do you Yahoo!? > Yahoo! SiteBuilder - Free, easy-to-use web site design software > http://sitebuilder.yahoo.com > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030811/29a352de/attachment.html
Powered by blists - more mailing lists