[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] DCOM Worm released

To: <full-disclosure@lists.netsys.com>
Subject: Re: [Full-Disclosure] DCOM Worm released
From: "Nils" <panther-@gmx.de>
Date: Tue, 12 Aug 2003 00:43:38 +0200

I've caught a copy of msblast.exe.

Get it at :
    www.geocities.com/nilssommer/msblast.zip - original packed version
    www.geocities.com/nilssommer/msblast_unpacked.zip - unpacked with upx

Nils Sommer

----- Original Message ----- 
From: "Joey" <joey2cool@yahoo.com>
To: "Full-Disclosure (E-mail)" <full-disclosure@lists.netsys.com>
Sent: Monday, August 11, 2003 10:21 PM
Subject: [Full-Disclosure] DCOM Worm released


> They found a worm, but since it uses tftp servers that
> can be taken down and since tftp is slow, it shouldnt
> have much of an effect.
> 
> "Scans sequentially for machines with open port 135,
> starting at a presumably random IP address" - very
> stupid way to spread!
> 
> http://isc.sans.org/diary.html?date=2003-08-11
> 
> __________________________________
> Do you Yahoo!?
> Yahoo! SiteBuilder - Free, easy-to-use web site design software
> http://sitebuilder.yahoo.com
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] DCOM Worm released
  - From: Joey <joey2cool@yahoo.com>

Prev by Date: RE: [Full-Disclosure] rpc worm
Next by Date: Re: [Full-Disclosure] msblast.exe
Prev by thread: [Full-Disclosure] DCOM Worm released
Next by thread: Re: [Full-Disclosure] DCOM Worm released
Index(es):
- Date
- Thread