lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.GSO.4.43.0403250951590.28485-100000@tundra.winternet.com>
From: dufresne at winternet.com (Ron DuFresne)
Subject: New exploit now circulating?

text, the mailing list supports text, not html, not rtf, please, fix your
mailers, ten lines of trash to reach two lines of content?!;

@font-face { font-family: Tahoma; } @page Section1 {size: 8.5in 11.0in;
margin: 1.0in 1.25in 1.0in 1.25in; } P.MsoNormal { FONT-SIZE: 12pt;
MARGIN: 0in 0in 0pt; FONT-FAMILY: "Times New Roman" } LI.MsoNormal {
FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt; FONT-FAMILY: "Times New Roman" }
DIV.MsoNormal { FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt; FONT-FAMILY: "Times
New Roman" } A:link { COLOR: blue; TEXT-DECORATION: underline }
SPAN.MsoHyperlink { COLOR: blue; TEXT-DECORATION: underline } A:visited {
COLOR: blue; TEXT-DECORATION: underline } SPAN.MsoHyperlinkFollowed {
COLOR: blue; TEXT-DECORATION: underline } P { FONT-SIZE: 12pt;
MARGIN-LEFT: 0in; MARGIN-RIGHT: 0in; FONT-FAMILY: "Times New Roman";
mso-margin-top-alt: auto; mso-margin-bottom-alt: auto } SPAN.EmailStyle17
{ COLOR: navy; FONT-FAMILY: Arial; mso-style-type: personal-reply }
DIV.Section1 { page: Section1 } I'm also curious if it changes between
sources or if it's something that can be blocked at a firewall?


Yuk,

Ron DuFresne

On Wed, 24 Mar 2004 PNIXON@...somerville.ma.us wrote:

> I'm also curious if it changes between sources or if it's something that can
> be blocked at a firewall?
>
> -----Original Message-----
> From: Kristian Hermansen [mailto:khermansen@...technology.com]
> Sent: Wednesday, March 24, 2004 3:06 PM
> To: full-disclosure@...ts.netsys.com; jherm@...kass.com
> Subject: [Full-Disclosure] New exploit now circulating?
>
>
>
> It looks like the new iFrame exploit is making the rounds, so has anyone
> analyzed the payload yet (see below)?  Or is this just the new Netsky.P?  Is
> it linking to a local file or within the email itself?  What's going on here
> or did I miss something?
>
>
>
> cid:031401Mfdab4$3f3dL780$73387018@...81fa70Re
>
>
>
> What is this link when deciphered?
>
>
>
> Kristian Hermansen
> khermansen@...technology.com
>
>
>   _____
>
>
> From: hobknob@...eyard.net [mailto:hobknob@...eyard.net]
> Sent: Wednesday, March 24, 2004 2:35 PM
> To: webmaster@...otoys.com
> Subject: Mail Delivery (failure webmaster@...otoys.com)
>
>
>
> If the message will not displayed automatically,
> follow the link to read the delivered message.
>
> Received message is available at:
> www.zerotoys.com/inbox/webmaster/read.php?sessionid-797
>
>
>
>

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
	***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ