lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <Law10-F97miKx2hRHgi0001844c@hotmail.com>
From: erwinp21 at hotmail.com (- -)
Subject: Re: new internet explorer exploit  (was new worm)

Drew Coply wrote:
>Yeah. It is a zero day worm, and it is very notable as such.

>I can not recall a previous zero day worm. (AV is not my job, but I do
>try and follow zero day.)

>Hence, IE has birthed us the first zero day worm.

On one hand this worm exploits unpatched vulnerabilities, but on the other 
hand these vulnerabilities were already known for some time, as shown in the 
references below.

http://archives.neohapsis.com/archives/bugtraq/2003-12/0337.html
http://archives.neohapsis.com/archives/bugtraq/2003-11/0307.html

MS attempted to patch one of them, but as we all know they failed doing it 
properly. Still I think this "worm" is nothing to get to exciting about, it 
is nothing more than two known vulnerabilites combined. While I think MS 
should patch those vulnerabilities a.s.a.p, the word 0-day is a bit to 
strong for this "worm".

Thor Larholm wrote:
>K-OTiK posted about this in http://www.securityfocus.com/archive/1/354447 
>and we posted details of the Ibiza CHM exploit a few weeks before then on 
>the Unpatched mailing list ( http://unpatched.pivxlabs.com ).
I assume you mean the brief analyses you posted earlier to the unpatched 
mailing list? (sorry, no reference since the unpatched mail archive is 
currently down) Have you discovered any new noteworthy information about the 
Bizex worm, since you were still researching the impact of the worm when you 
send that earlier message to the list?

Regards,

Erwin

_________________________________________________________________
Free up your inbox with MSN Hotmail Extra Storage. Multiple plans available. 
http://join.msn.com/?pgmarket=en-us&page=hotmail/es2&ST=1/go/onm00200362ave/direct/01/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ