lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <OF01F5B98D.37EB6787-ONC1256EAD.002F80BF-C1256EAD.002F9417@wave-solutions.com>
From: christoph.gruber at wave-solutions.com (Christoph Gruber)
Subject: another new worm submission

but I forgot to attach it:



-- 
Christoph Gruber, Senior Security Architect
WAVE Solutions Information Technology GmbH 
Nordbergstrasse 13, A - 1090 Wien, Austria
christoph.gruber@...e-solutions.com
Office: +43 1 71730 53514, Mobile: +43 664 81 22 66 1
PGP-Fingerprint: CCFF 5D66 7073 952C 7AB3  C2DF 435A C85C 558E D42B

full-disclosure-admin@...ts.netsys.com schrieb am 07.06.2004 14:06:21:

> 
> -----BEGIN PGP SIGNED MESSAGE----- 
> Hash: SHA1 
> 
> Josh wrote 04.06.2004 21:11:26: 
> 
> > http://www.detroit-x.com/analysis.htm 
> > 
> > This is something we found this morning. I have packet captures 
> > that I will post. 
> > I have attached the infected files found with FPORT and also 
> > registry entries. 
> > 
> > We found this rebooting machines with the LSASS.exe error similar 
> > to Sasser. As of 6/4/2004 we found no virus defs to pick it up. 
> > 
> > 
> > Joshua Perrymon 
> > Sr. Network Security Consultant 
> 
> Hi there! 
> 
> There is another Registry-entry: 
> 
> 
> Cheers! 
> 
> - -- 
> Christoph Gruber, Senior Security Architect 
> WAVE Solutions Information Technology GmbH 
> Nordbergstrasse 13, A - 1090 Wien, Austria 
> christoph.gruber@...e-solutions.com 
> Office: +43 1 71730 53514, Mobile: +43 664 81 22 66 1 
> PGP-Fingerprint: CCFF 5D66 7073 952C 7AB3  C2DF 435A C85C 558E D42B 
> 
> 
> -----BEGIN PGP SIGNATURE----- 
> Version: PGP 8.0.3 
> 
> iQA/AwUBQMRaFkNayFxVjtQrEQKmYwCg4ufJbS1o/5/C73FUSzBQ+D77OXsAoMLD 
> 82mFBEHVI5D0bGtwTIoLQx9G 
> =SKaL 
> -----END PGP SIGNATURE-----
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040608/50cc6171/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: reg1.reg
Type: application/octet-stream
Size: 268 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040608/50cc6171/reg1.obj

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ