[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] Re: Aol IM /Microsoft IE remote code execution

To: Feher Tamas <etomcat@freemail.hu>, <full-disclosure@lists.netsys.com>
Subject: RE: [Full-Disclosure] Re: Aol IM /Microsoft IE remote code execution
From: Michael Evanchik <mike@alanpickel.com>
Date: Thu, 19 Feb 2004 10:58:42 -0500

That is definately true.  But unfortunately I used known local exploit examples 
to give due credit to some people.  There are many different local exploits 
that norton does not pick up as well as ways to rewrite the known ones to trick 
norton so I have been told.

Mike


From:Feher Tamas
Sent:Thu 2/19/2004 5:00 AM
To:full-disclosure@lists.netsys.com
Subject:[Full-Disclosure] Re: Aol IM /Microsoft IE remote code execution
 

Hello,

>www.MichaelEvanchik.com/security/microsoft/ie/aim/aim.txt

Kaspersky AV says:
"aim.txt Infected: Exploit.Win32.LnkRun"

>http://www.high-pow-er.com/ok.hta

This one is "Trojandropper.VBS.Inor.i".

The morale of the story is:
Traditional AV is still not dead, it gives you good protection. 8-)
You just have to update several time a day! 8-(

Sincerely: Tamas Feher.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: [Full-Disclosure] Re: ASN.1 telephony critical infrastructure warning - VOIP
Next by Date: [Full-Disclosure] RE: Multiple WinXP kernel vulns can give user mode programs kernel mode
Previous by thread: [Full-Disclosure] Re: Aol IM /Microsoft IE remote code execution
Next by thread: [Full-Disclosure] NetBSD Security Advisory 2004-004: shmat reference counting bug
Index(es):
- Date
- Thread