[32177] in bugtraq
Re: a dangerous fast spreading (yet simple) trojan horse.
daemon@ATHENA.MIT.EDU (Andreas Reich)
Mon Oct 27 16:56:12 2003
Message-ID: <3F9D4B2F.3080903@scention.de>
Date: Mon, 27 Oct 2003 17:43:27 +0100
From: Andreas Reich <cyraxx@scention.de>
MIME-Version: 1.0
To: bugtraq@securityfocus.com
In-Reply-To: <000f01c39ced$e5abce50$0900000a@whitestar>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Gadi Evron wrote:
> The jpeg is actually an HTML file, and when the web browser receives it,
> it thinks that it is a server error message for the file not existing,
> and loads the page.
Not necessarily. Often it is just a directory named xyz.jpg. The browser
then
gets redirected to /url/xyz.jpg/ and loads the index.html there.
-Andreas
