funsec mailing list archives
WMF 0-Day Exploit
From: "Fergie" <fergdawg () netzero net>
Date: Wed, 28 Dec 2005 16:17:38 GMT
A couple of interersting F-Secure blog entries: http://www.f-secure.com/weblog/#00000752 http://www.f-secure.com/weblog/#00000753 Most importantly, the domains serving up this stuff, and one humorous note: [snip] And funnily enough, according to WHOIS, domain beehappyy.biz is owned by a previous president of Soviet Union: Registrant Name: Mikhail Sergeevich Gorbachev Registrant Address1: Krasnaya ploshad, 1 Registrant City: Moscow Registrant Postal Code: 176098 Registrant Country: Russian Federation Registrant Country Code: RU "Krasnaya ploshad" is the Red Square in Moscow... [snip] ;-) - ferg ps. And, apparently it is really easy to get burned by this exploit, so we will probably start seeing other domains/hosts serving it up before Microsoft gets a patch out for it. -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg () netzero net or fergdawg () sbcglobal net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- WMF 0-Day Exploit Fergie (Dec 28)