lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1135790279.19693.101.camel@gremlin.unx.brg>
Date: Wed Dec 28 17:18:11 2005
From: brudy at bruderer-research.com (Peter Bruderer)
Subject: test this

Hi there

Using a previous unknown hole in windows, an exploit was discovered
which infects a PC with spyware and trojans. The PC is infected using a
manipulated picture in the WMF format.

Only Symantec found a trojan downloader. Another AV scanners found the
downloaded code, but did not recognize the actual downloader.

(http://www.heise.de/security/news/meldung/67794 for the german
speeking)

More info:
http://www.f-secure.com/weblog/archives/archive-122005.html#00000752
http://isc.sans.org/diary.php?storyid=972

My scanners (McAfee, Kaspersky, Clam) did not find anything. 




On Wed, 2005-12-28 at 08:39 -0800, D B wrote:
> could the uber geeks who do spyware check the
> attachment for me ??
> 
> do not click this URL if in windows ... possible
> malware
> 
> it is obtained from
> http://www.cabbage-soup-diet.com/negative-calorie.html
> 
> 
> GF has countless popups after visiting this site and
> scanning with several different scanners isnt finding
> the source 

-- 
  Peter Bruderer
  Bruderer Research GmbH
  
  phone +41 52 620 26 53
  www.brg.ch

  peter.bruderer@....ch

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ