| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200308112137.h7BLbddF037394@mailserver3.hushmail.com> From: p00lshark at hushmail.com (p00lshark@...hmail.com) Subject: DCOM Worm? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Symantec's Deepsight has a more detailed report than that up. Check this link: https://tms.symantec.com/members/AnalystReports/030811-Alert-DCOMworm.pdf My understanding is that this report is being constantly updated. On Mon, 11 Aug 2003 13:22:47 -0700 Matt Bell <matt.bell@...arling.com> wrote: >Yup.. confirmed here. Already had it hit a user, it saves itself >as >c:\%systemroot%\system32\msblast.exe >See here: >http://isc.sans.org/diary.html?date=2003-08-11 > > >> -----Original Message----- >> From: Carl Sager [mailto:orniter@...oo.com] >> Sent: Monday, August 11, 2003 2:52 PM >> To: full-disclosure@...ts.netsys.com >> Subject: [Full-Disclosure] DCOM Worm? >> >> >> I'm working as a technician and have had 3 people >> from the local area call within the last hour about a >> problem with having their computer shut down after >> giving a one minute warning. This only happens when >> they have an internet connection - if they boot up >> with a network cable plugged in, even if they don't >> have a browser or any other apps open, it'll shut >> down. It looks like they're all running NT/2k/XP as >> well - is this a DCOM worm? >> >> __________________________________ >> Do you Yahoo!? >> Yahoo! SiteBuilder - Free, easy-to-use web site design software >> http://sitebuilder.yahoo.com >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.netsys.com/full-disclosure-charter.html >> > -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.3 wkYEARECAAYFAj84DKIACgkQvvKYUXI82a+roACaAzaEs0dyfQ+jYNhnKiZvl8lbv5EA n1spYdSOiyrmVyKskrETLsj6wXPk =UU6f -----END PGP SIGNATURE----- Concerned about your privacy? Follow this link to get FREE encrypted email: https://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger https://www.hushmail.com/services.php?subloc=messenger&l=434 Promote security and make money with the Hushmail Affiliate Program: https://www.hushmail.com/about.php?subloc=affiliate&l=427
Powered by blists - more mailing lists