Full Disclosure mailing list archives
FW: Re: AIM Password theft
From: S G Masood <sgmasood () yahoo com>
Date: Wed, 24 Sep 2003 11:04:52 -0700 (PDT)
Hi Brent, This is a recent known vuln. See [1] & [2]. AFAIK, there is no patch from MS yet for this, though, there is a workaround [3] that you can try at your own risk. [1] http://www.securityfocus.com/archive/1/337285 [2] http://www.securityfocus.com/archive/1/337440 [3] http://ip3e83566f.speed.planet.nl/hacked-by-chinese/5.htm -> See section (3) on this page. -- Best Regards, S.G.Masood Hyderabad, India. -- Brent Meshier Wrote: Mark, The code you just sent looks familiar to a SPAM I received attempting to hijack users' e-gold accounts. Out of curiosity I followed that link which loaded start.html (attached). What worries me is that I'm running IE 6.0.2800.1106 with all the latest patches from Microsoft and this page (start.html) rewrote wmplayer.exe on my local drive without notice. After closing the page, I found two .exe files on my desktop (which loaded from http://doz.linux162.onway.net/eg/1.exe). Is this a new unknown vulnerability? Brent Meshier Global Transport Logistics, Inc. http://www.gtlogistics.com/ "Innovative Fulfillment Solutions __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- FW: Re: AIM Password theft S G Masood (Sep 24)
- <Possible follow-ups>
- Re: AIM Password theft Steve Menard (Sep 25)