[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] JPEG GDI

To: <barrie@xxxxxxxxxxxxxxxx>, "Barry Fitzgerald" <bkfsec@xxxxxxxxxxxxxxxx>
Subject: RE: [Full-Disclosure] JPEG GDI
From: "Todd Towles" <toddtowles@xxxxxxxxxxxxxxx>
Date: Tue, 28 Sep 2004 16:19:40 -0500

This was sent out on FD this morning as a password protected ZIP file. 

I downloaded a copy via wget, both my proxy AV and my desktop AV were
able to detect it as a MS04-028 expolit.

The story was also posted to Slashdot.org last night

-----Original Message-----
From: full-disclosure-admin@xxxxxxxxxxxxxxxx
[mailto:full-disclosure-admin@xxxxxxxxxxxxxxxx] On Behalf Of Barrie
Dempster
Sent: Tuesday, September 28, 2004 3:16 PM
To: Barry Fitzgerald
Cc: str0ke@xxxxxxxxxxx; full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] JPEG GDI

On Tue, 2004-09-28 at 19:56, Barry Fitzgerald wrote:
> Yep - in fact I was reading this morning on http://isc.sans.org/ that 
> one was just found on an adult newsgroup.
> 
>              -Barry

Indeed Barry, heres more information on that for you or others
interested http://easynews.com/virus.html

I know the file itself has already been posted to the list but this link
gives some preliminary analysis of if it too, which shows it as a trojan
infection vector and not really a virus in the traditional sense.

--
Barrie Dempster (zeedo) - Fortiter et Strenue

  http://www.bsrf.org.uk

[ gpg --recv-keys --keyserver www.keyserver.net 0x96025FD0 ]

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] JPEG GDI
  - From: GuidoZ

Prev by Date: Re: [Full-Disclosure] JPEG GDI
Next by Date: [Full-Disclosure] FW: [Fwd: How one can become a terrorist?]
Previous by thread: Re: [Full-Disclosure] JPEG GDI
Next by thread: Re: [Full-Disclosure] JPEG GDI
Index(es):
- Date
- Thread