Full Disclosure mailing list archives

RE: Re: Possible apache2/php 4.3.9 worm

From: "Patrick Nolan" <p.nolan () comcast net>
Date: Wed, 22 Dec 2004 11:47:20 -0800

If Google were to block this particular pattern of search 
request it would stop the spread of the worm for now.

-Joe

--
Joe Stewart, GCIH
Senior Security Researcher
LURHQ http://www.lurhq.com/


I believe it is blocked now [thanks Google].

Regards, 

Patrick Nolan
Virus Researcher - Fortinet Inc.
http://www.fortinet.com 

To Submit A Virus:
pkzip/winzip password infected to
submitvirus at fortinet dot com


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: Possible apache2/php 4.3.9 worm, (continued)
- - Re: Possible apache2/php 4.3.9 worm DanB UK (Dec 22)
    - Re: Possible apache2/php 4.3.9 worm Barrie Dempster (Dec 22)
    - Re: Possible apache2/php 4.3.9 worm dk (Dec 22)
    - Re: Possible apache2/php 4.3.9 worm DanB UK (Dec 23)
    - Re: Possible apache2/php 4.3.9 worm dk (Dec 27)
- Re: Possible apache2/php 4.3.9 worm Juan Carlos Navea (Dec 21)
  - Re: Possible apache2/php 4.3.9 worm milw0rm Inc. (Dec 22)
- Re: Possible apache2/php 4.3.9 worm Feher Tamas (Dec 21)
- Re: Possible apache2/php 4.3.9 worm Joe Stewart (Dec 21)
  - Re: Re: Possible apache2/php 4.3.9 worm morning_wood (Dec 22)
  - RE: Re: Possible apache2/php 4.3.9 worm Patrick Nolan (Dec 22)
  - Re: Re: Possible apache2/php 4.3.9 worm Max Valdez (Dec 23)
- RE: Possible apache2/php 4.3.9 worm Randal, Phil (Dec 21)
- RE: Possible apache2/php 4.3.9 worm Todd Towles (Dec 21)