[36705] in bugtraq


Re: GDI Virus in the wild.

daemon@ATHENA.MIT.EDU (Gerry Eisenhaur)
Tue Sep 28 12:38:17 2004

Message-ID: <41586DC6.2010200@Cisco.com>
Date: Mon, 27 Sep 2004 15:45:10 -0400
From: Gerry Eisenhaur <GEisenhaur@cisco.com>
MIME-Version: 1.0
To: ben@easynews.com
Cc: bugtraq@securityfocus.com
In-Reply-To: <1096266888.7939.7.camel@solaris.skunkware.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

It's not a virus, just a connect back (82.1.163.241:55000) cmd shell 
exploit.

/gerry

Ben wrote:
> Allo,
> 
> There is now a GDI+ jpeg exploiting virus in the wild.  It was posted
> on  Mon, 27 Sep 2004 01:25:52 GMT via NNTP to multiple news groups by a
> single person.
> 
> See the following for details:
> http://www.easynews.com/virus.txt
> 
> You can see the virus here:
> http://easynews.com/test/possiblevirus.jpg.gz
> 
> 
> - IsolationX
> 
> 

-- 
Gerald Eisenhaur
Cisco Systems, Inc.
1414 Massachusetts Ave.
Boxborough, Massachusetts 01719
voice:	978.936.0465
geisenhaur@cisco.com
