[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <003301c439ca$2c135ce0$1214dd80@corp.emc.com>
From: exibar at thelair.com (Exibar)
Subject: Worm of the worm?
I think you guys are talking about the Dabber worm.
http://vil.nai.com/vil/content/v_125300.htm
Exibar
----- Original Message -----
From: "Maxime Ducharme" <mducharme@...ergeneration.com>
To: "Roberto Navarro - TusProfesionales.es" <rnavarro@...profesionales.es>;
<full-disclosure@...ts.netsys.com>
Sent: Friday, May 14, 2004 10:01 AM
Subject: Re: [Full-Disclosure] Worm of the worm?
Hi
K-OTik published an exploit for sasser's ftpd :
http://www.k-otik.com/exploits/05102004.sasserftpd.c.php
Maybe you are seeing manual scans or a brand new worm.
Have a nice day
Maxime Ducharme
Programmeur / Sp?cialiste en s?curit? r?seau
----- Original Message -----
From: "Roberto Navarro - TusProfesionales.es" <rnavarro@...profesionales.es>
To: <full-disclosure@...ts.netsys.com>
Sent: Friday, May 14, 2004 8:26 AM
Subject: [Full-Disclosure] Worm of the worm?
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I have detected some scans lookin' for the 5554 port (sasser's ftpd).
>
> Does somebody know anything about a new worm, exploiting its
> vulnerabilty?
>
>
> Roberto a.k.a. Logan
>
>
> There are no answers, only cross refernces.
> -- Weiner's Law of Libraries
>
> - ---------------------------------------
> Roberto Navarro
> rnavarro@...profesionales.es
> Registered Linux User #212565
> - ---------------------------------------
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 8.0.2
>
> iQA/AwUBQKS63MhDftHeZF7JEQLl/ACfU2fksblzy3zYh4yelCH2GxATsqcAoM+F
> S/UxvCt8U0dgVqP3E+TeunS2
> =sEU4
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists