[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Fwd: Re: [Full-Disclosure] another Trojan with the ADO hole? + a twist in the story]
- To: full-disclosure@lists.netsys.com
- Subject: [Fwd: Re: [Full-Disclosure] another Trojan with the ADO hole? + a twist in the story]
- From: "Daniel H. Renner" <dan@losangelescomputerhelp.com>
- Date: 31 Jan 2004 14:59:38 -0800
Doesn't work in Mozilla v1.3.1 on Xandros v1.1 either, though the
message was "(111) Connection refused" by
http://mitglied.lycos.de/mycutewebspace, maybe they don't like Mozilla?
:-)
Our proxy shows the following path when you click the link:
http://freedns.afraid.org/blank.html
http://mitglied.lycos.de/mycutewebspace
http://207.46.110.24/gateway/gateway.dll?
Cheers,
Dan
-----Forwarded Message-----
From: Paul Schmehl <pauls@utdallas.edu>
To: Gadi Evron <ge@egotistical.reprehensible.net>, bugtraq@securityfocus.com,
full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] another Trojan with the ADO hole? + a twist in
the story
Date: 31 Jan 2004 14:24:21 -0600
--On Saturday, January 31, 2004 7:35 PM +0200 Gadi Evron
<ge@egotistical.reprehensible.net> wrote:
> The past Trojan horses which spread this way took advantage of the fact
> web servers send an HTML 404 message if a file doesn't exist.
>
> The original sample - britney.jpg - was simply an html file itself, and
> using that fact, and IE loading it. It was combined with one of the
> latest exploits of the time (I don't think MS patched it yet), and
> downloaded the Trojan horses.
>
> This time around there is actually a picture on the web page, of a real
> honest to God girl. But in another frame.. the same story all over again.
>
> For blocking purposes, the (un-safe) URL is: http://ut.uk.to/cs.jpg .
Didn't work on my Titanium using Safari. The girl
was....uh....well-endowed. :-)
Paul Schmehl (pauls@utdallas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html