Vulnerability Development mailing list archives
Bubble Boy Virus Spreading Mechanism
From: Andrew_Leong () EMAIL COM (Andrew Leong)
Date: Mon, 15 May 2000 16:10:46 +0800
Hi all, Sorry to revive such an old tale, but has anyone out there disassembled the Bubble Boy virus to get an idea of how the worm functions? I mean how it exploits the scriptlet.typelib/Eyedog ActiveX control to propogate? Does anyone have any links to the exploit code or more details? I am very curious as to how it uses the ActiveX controls to do the stuff it does. Just like DilDog's excellent Advisory about the UA control vulnerability, does anyone have more details and is willing to share? Thanks. Andrew Leong ____________________________________________________________________________ Public Key: http://wwwkeys.pgp.net:11371/pks/lookup?op=get&search=0x1BFF3601 PGP Key Fingerprint = 92F8 EF74 19A3 EEC6 6B83 9D83 A61B 20C5 1BFF 3601 ____________________________________________________________________________
Current thread:
- Re: QPOP2.5* exploit ??, (continued)
- Re: QPOP2.5* exploit ?? Maurycy Prodeus (May 15)
- Re: QPOP2.5* exploit ?? jms (May 14)
- Re: QPOP2.5* exploit ?? Eric LeBlanc (May 15)
- hi sparc qpop info sp00n () GMX DE (May 14)
- Re: QPOP2.5* exploit ?? typo () INFERNO TUSCULUM EDU (May 14)
- Re: QPOP2.5* exploit ?? typo () INFERNO TUSCULUM EDU (May 14)
- Re: QPOP2.5* exploit ?? Dimitry Andric (May 14)
- Re: QPOP2.5* exploit ?? Martin Ixter (May 14)
- TROJAN WARNING: Re: QPOP2.5* exploit ?? Nic Bellamy (May 14)
- Re: QPOP2.5* exploit ?? phi-vulndev () EXORSUS NET (May 14)
- Bubble Boy Virus Spreading Mechanism Andrew Leong (May 15)
- Re: QPOP2.5* exploit ?? Lluis Mora (May 15)
- Bugtraq Stats for the last 3 years available now. Alfred Huger (May 15)
- xsoldier mandrake exploit. egid=games with the right shellcode Larry C$ (May 15)
- Re: QPOP2.5* exploit ?? rpc (May 14)
- Fwd: [Newssubmission: Security vulnerability in the ICS HTTPServer component] TLsecurity.net (May 14)
- Re: regarding phrack49's stack smashing tutorial Pavel Kankovsky (May 14)
- Re: regarding phrack49's stack smashing tutorial Darshan Patil (May 14)
- Re: is: tcp/ip vuln, not?... was: WSCRIPT.EXE ,CSCRIPT.EXE replacement for *.vbs Crispin Cowan (May 15)