lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <9E97F0997FB84D42B221B9FB203EFA2701FA0212@dc1ms2.msad.brookshires.net>
Date: Wed Dec 28 22:40:10 2005
From: toddtowles at brookshires.com (Todd Towles)
Subject: test this

Trend Micro just released a Controlled Pattern File Release (CPR)
Pattern Update - 3.1.34.04

http://www.trendmicro.com/vinfo/

The current auto-update sig = 3.1.33.00

-Todd

> -----Original Message-----
> From: full-disclosure-bounces@...ts.grok.org.uk 
> [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf 
> Of Valdis Shkesters
> Sent: Wednesday, December 28, 2005 1:46 PM
> To: Peter Bruderer; full-disclosure@...ts.grok.org.uk
> Subject: Re: [Full-disclosure] test this
> 
> This is a report processed by VirusTotal on 12/28/2005 at 
> 20:38:41 (CET) after scanning the file "xpladv548.wmf.gz" file.
> 
> AntiVir - no virus found
> Avast - Win32:Exdown
> AVG - no virus found
> Avira - no virus found
> BitDefender - Exploit.Win32.WMF-PFV
> CAT-QuickHeal - no virus found
> ClamAV - no virus found
> DrWeb - no virus found
> eTrust-Iris - no virus found
> eTrust-Vet - no virus found
> Ewido - no virus found
> Fortinet - W32/WMF-exploit
> F-Prot - no virus found
> Ikarus - no virus found
> Kaspersky - Trojan-Downloader.Win32.Agent.acd McAfee - Exploit-WMF
> NOD32v2 - Win32/TrojanDownloader.Wmfex
> Norman - no virus found
> Panda - Exploit/Metafile
> Sophos - no virus found
> Symantec - no virus found
> TheHacker - no virus found
> UNA - no virus found
> VBA32 - no virus found
> 
> http://www.virustotal.com
> 
> ----- Original Message -----
> From: "Peter Bruderer" <brudy@...derer-research.com>
> To: "D B" <geggam692000@...oo.com>
> Cc: <full-disclosure@...ts.grok.org.uk>
> Sent: Wednesday, December 28, 2005 7:17 PM
> Subject: Re: [Full-disclosure] test this
> 
> 
> > Hi there
> >
> > Using a previous unknown hole in windows, an exploit was discovered
> > which infects a PC with spyware and trojans. The PC is 
> infected using a
> > manipulated picture in the WMF format.
> >
> > Only Symantec found a trojan downloader. Another AV 
> scanners found the
> > downloaded code, but did not recognize the actual downloader.
> >
> > (http://www.heise.de/security/news/meldung/67794 for the german
> > speeking)
> >
> > More info:
> > http://www.f-secure.com/weblog/archives/archive-122005.html#00000752
> > http://isc.sans.org/diary.php?storyid=972
> >
> > My scanners (McAfee, Kaspersky, Clam) did not find anything.
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ