[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[port139ml:02691] Re: 2 bytes $B$N(B$B$A$,$$(B (Was: Re: CodeRed II)

To: port139ml@xxxxxxxxxxxxx
Subject: [port139ml:02691] Re: 2 bytes $B$N(B$B$A$,$$(B (Was: Re: CodeRed II)
From: syun <syun@xxxxxxx>
Date: Thu, 13 Mar 2003 03:43:26 +0900

syun$B$G$9!#(B
(B
(B>$B$"$i$$!w%i%C%/$G$9!#(B
(B
$B$3$s$P$s$O!#(B
$B!V%;%-%e%j%F%#967b>\:Y!W$,L\$NA0$NK\C*$KCV$$$F$"$j$^$9!#(B
(B
(B>CodeRed.F $B$N(B 2 bytes $B$N$A$,$$$K$D$$$F$G$9$,!"(BeEye Digital Security $B$5$s(B
(B>$B$N(B CodRed II $B$N2r@O(B:
(B>http://www.eeye.com/html/Research/Advisories/AL20010804.html
(B>$BCf$N(B "Propagation" $B%;%/%7%g%s$N(B C. $B$K$"$j$^$9%m!<%+%k$N%7%9%F%`;~4V$N%A%'%C(B
(B>$B%/$K3:Ev$9$k2U=j$r$3$N%o!<%`$OJQ99$7$F$$$^$9!#(B
(B
$B>\$7$$>pJs$H2r@b$"$j$,$H$&$4$6$$$^$9!#JY6/$K$J$j$^$9!#(B
(B
(B| If the month is October or later or the year is greater than 34951, the
(B| computer will also be restarted.
(B
$B!|(BCodeRed.F 
(B0f b7 85 3c fe ff ff 3d 88 88 00 00 73 cf 0f b7
(B                        ^^^^^
(B 0x88 + (0x88 * 256) = 34952
(B
$B!|(BCodeRedII
(B0f b7 85 3c fe ff ff 3d d2 07 00 00 73 cf 0f b7
(B                        ^^^^^
(B 0xd2 + (0x07 * 256) = 2002 
(B
$B$3$&$$$&$3$H$@$C$?$N$G$9$M!#(B

References:
- [port139ml:02684] Re: CodeRed II
  - From: syun
- [port139ml:02685] Re: CodeRed II
  - From: syun
- [port139ml:02689] 2 bytes $B$N$A$,(B$B$$(B (Was: Re: CodeRed II)
  - From: ARAI Yuu

Prev by Date: [port139ml:02690] Re: CodeRed II
Next by Date: [port139ml:02692] Re: Autopsy UTF8 $B%Q%C%A(B
Previous by thread: [port139ml:02689] 2 bytes $B$N$A$,(B$B$$(B (Was: Re: CodeRed II)
Next by thread: [port139ml:02699] $B%Q%1%m%9(B
Index(es):
- Date
- Thread

[port139ml:02691] Re: 2 bytes $B$N(B$B$A$,$$(B (Was: Re: CodeRed II)

[port139ml:02691] Re: 2 bytes $B$N(B$B$A$,$$(B (Was: Re: CodeRed II)