lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200409121036.04665.andrei.galca@rdsnet.ro>
From: andrei.galca at rdsnet.ro (Andrei Galca-Vasiliu)
Subject: drive by shooting - got hit by mysearch toolbar

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

How long was that machine connected until you patched it?
Try installing some anti virus program first thing, then connect, update virus 
definitions, and then update windows.
You?ll have a big surprise :) I got 7 alerts while updating, 3 spybots and 4 
viruses.


Intr-un mail de pe data de Sunday 12 September 2004 02:58, 
fulldisclosure@...eraxe.demon.nl povestea:
> All patches installed on w2k server ie6
> except :
>
> journal viewer
> .net framework
> directx9.0b
> media player 9
>
> googled for 'how to configure htaccess on apache', firts hit was this
> page :
>
> www.thesitewizard.com/apache/index.shtml
>
> i went there and found nothing ... like a page with links to stuff i
> didnt really want ..
> so i open a new window in IE .. bang ... 'MySearch toolbar' sitting
> there in my IE window.
> i know i shouldnt be browsing on a server, but i just wanted to look
> something up so i could configure the server
> now im sure i didnt click on OK anywhere, nothing even popped up when
> i went there.
> i checked back at the site and now something DID popup .. i was using
> a remote terminal server connection,
> so maybe i hit spacebar on accident before seeing the window ? i dont
> think so , the connection here is quite fast,
> i probably would have seen that ... anyway the second visit i did get
> a popup asking for an install of something.
> i checked the source and i did see a reference to
> ../include/common.jsp somewhere at the top,
> but its late here so im gonna leave it at that and maybe check on it
> tomorrow.
>
> just thought i'd give some ppl who might be interested a heads up
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

- -- 
Andrei Galca-Vasiliu
Technical Support
Brasov Branch
Romania Data Systems
T: +402 68 474133  F: +402 68 474133
www.rdsnet.ro
- --
Privileged/Confidential Information may be contained in this message. 
If you are not the addressee indicated in this message (or responsable 
for delivery of the message to such person), you may not copy or 
deliver this message to anyone. In such a case, you should destroy 
this message and kindly notify the sender by reply e-mail.
- --
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iQCVAwUBQUP8YCSMIH0khc/mAQKa6wP/XXOSOY3lRKYtRkBOZXZnTskDqysd60z+
pEZqnvLHRYMvhNOdjcHETcHlog6aThJI7MAMsahA3imhZ7ndugnfgQm3gLCVpn6O
57vQIuPNNDREUHQFhJICcMIy6fIR0CrcC58GIPhgsggHF4l+URiwofGsdkGMhj/2
acjxy+Uocwg=
=TyOU
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ