| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <d5a0834f04092211444c6f3774@mail.gmail.com> From: xonico at gmail.com (Nicolas Montoza) Subject: JPG worm! wode.jpg it has a vulnerability jpg MS04-28 http://www.theinquirer.net/?article=18585 news.htm it has a vulnerability object data http://www.securityfocus.com/archive/1/358862 On Mon, 20 Sep 2004 17:59:30 -0400, Aaron Horst <anthrax101@...il.com> wrote: > Interesting. It would appear to not be a JPEG worm, but rather to be > the regular old CHM exploits. The interesting thing about it is that > it simply calls a link that was posted to FD last week. > > The JPG is simply HTML, which loads http://www.xf*s.com/msn/1.jpg into > the main page, with http://www.xf*s.com/msn/news.htm in an iframe. > (Note: Change * to 2, to protect the unpatched IE users). I'm not sure > why that would be processed... > > However, news.htm was plugged by Nicolas Montoza <xonico@...il.com> last week: > http://lists.netsys.com/pipermail/full-disclosure/2004-September/026475.html > > AnthraX101 > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > -- D. Nicolas Montoza T. < xonico@...il.com > Security Research & Development PGPkey 0x564034EC Available at KeyServ BEF5 1795 BFCC DB2C 0BEF 92BD 0162 885F 5640 34EC
Powered by blists - more mailing lists