[4577] in WWW Security List Archive

home help back first fref pref prev next nref lref last post

Re: Netscape Cache Virus

daemon@ATHENA.MIT.EDU (Ammon)
Mon Feb 24 21:13:29 1997

Date: Mon, 24 Feb 1997 16:29:51 -0600
To: www-security@ns2.rutgers.edu
From: Ammon <ammon@ikx.org>
In-Reply-To: <3310A361.318E@earthlink.net>
Errors-To: owner-www-security@ns2.rutgers.edu

At 03:06 PM 2/23/97 -0500, you wrote:
>hi,
>I dont know much about virii but I believe I got one through netscape.
>I have had alot of problems on my win95 partion lately.  I get lots of
>out of mem problems. For example I tried to open netscape and it was the
>onlything I tried to open and I got an out of memory err.  So after alot
>of this I ran Thunderbite and it said that dcoo5.com was infected bye an
>unknown virus.  I was wondering if it is posible for java to run a
>program that comes off a page w/o prompting user to run it.  Please help
>me with this.
>                              Thanks 
>    				goat

Well, java (IMHO) is not the most of secure languages, and it was shown
earlier last year that it *is* possible to exploit the part of java that
checks the byte-code in applets, which leads to the fact that an applet is
possible of spreading a virus. However, I believe the bug has been fixed
(correct?), and the situation in which it can be exploited are not the
easiest of things to get. It is much more likely that you downloaded a
program with a virus or somehow got a virus onto your system (borrowed any
programs from a friend lately?) and that is how you are infected. Also, it
would help if you could tell us how you got dcoo5.com? Is it part of a
program you've installed? Did it just appear some day? It *is* possible for
javascript to leak some securiy information about you without your
knowledge (kinda), but not physically deal with stuff on the HD.



    ____      _  _      _  _      ____      __ _        
    |--|   o  |\/|   o  |\/|   o  [__]   o  | \|     
                                                     
             a m m o n @ i k x . o r g               
            i k x . o r g / ~ a m m o n              
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
"Everyone has a talent. What is rare is the courage to
follow that talent to the dark place where it leads."

"A riot is the language of the unheard."
+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
___ __  __   __   __   __                              
 | |__)  _) /__  /  \ /  \     take back alt.2600    
 | |__) /__ \__) \__/ \__/  http://tb2600.home.ml.org
home help back first fref pref prev next nref lref last post