funsec mailing list archives

Previous By Date Next
Previous By Thread Next

WMF 0-Day Exploit

From: "Fergie" <fergdawg () netzero net>
Date: Wed, 28 Dec 2005 16:17:38 GMT
A couple of interersting F-Secure blog entries:

http://www.f-secure.com/weblog/#00000752
http://www.f-secure.com/weblog/#00000753

Most importantly, the domains serving up this stuff, and one
humorous note:

[snip]

And funnily enough, according to WHOIS, domain beehappyy.biz is owned by a previous president of Soviet Union:

  Registrant Name: Mikhail Sergeevich Gorbachev
  Registrant Address1: Krasnaya ploshad, 1
  Registrant City: Moscow
  Registrant Postal Code: 176098
  Registrant Country: Russian Federation
  Registrant Country Code: RU

"Krasnaya ploshad" is the Red Square in Moscow...

[snip]

;-)

- ferg

ps. And, apparently it is really easy to get burned by this
exploit, so we will probably start seeing other domains/hosts
serving it up before Microsoft gets a patch out for it.


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: