Security Incidents mailing list archives
Re: IE/WMP Exploit
From: Axel Pettinger <api () epost de>
Date: Tue, 15 Jun 2004 16:54:33 +0200
Carlos Kramer wrote:
I saw the 180solutions.com analysis and the stuff I've seen appears to be different and use a different exploit - maybe just a variation on a theme? But it overwrites wmplayer.exe and seems to use a WMP exploit as well as IE exploits. It comprimises a fully patched Windows 2000, IE6, WMP7 machine.
Out of curiosity ... Is MS04-013 installed on your machine? What you've seen looks like the Adodb.Stream and ms-its problem. Regards, Axel Pettinger --------------------------------------------------------------------------- Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN, wireless security Protect your network against hackers, viruses, spam and other risks with Astaro Security Linux, the comprehensive security solution that combines six applications in one software solution for ease of use and lower total cost of ownership. Download your free trial at http://www.securityfocus.com/sponsor/Astaro_incidents_040614 ----------------------------------------------------------------------------
Current thread:
- IE/WMP Exploit Carlos Kramer (Jun 15)
- Re: IE/WMP Exploit Axel Pettinger (Jun 15)
- <Possible follow-ups>
- Re: IE/WMP Exploit caldcv (Jun 15)
- Re: IE/WMP Exploit Axel Pettinger (Jun 16)
- Re: IE/WMP Exploit Carlos Kramer (Jun 16)
- Re: IE/WMP Exploit Axel Pettinger (Jun 16)