Full Disclosure mailing list archives
another new worm submission
From: "Perrymon, Josh L." <PerrymonJ () bek com>
Date: Fri, 4 Jun 2004 14:11:26 -0500
http://www.detroit-x.com/analysis.htm This is something we found this morning. I have packet captures that I will post. I have attached the infected files found with FPORT and also registry entries. We found this rebooting machines with the LSASS.exe error similar to Sasser. As of 6/4/2004 we found no virus defs to pick it up. Joshua Perrymon Sr. Network Security Consultant PGP Fingerprint 51B8 01AC E58B 9BFE D57D 8EF6 C0B2 DECF EC20 6021 **********CONFIDENTIALITY NOTICE********** The information contained in this e-mail may be proprietary and/or privileged and is intended for the sole use of the individual or organization named above. If you are not the intended recipient or an authorized representative of the intended recipient, any review, copying or distribution of this e-mail and its attachments, if any, is prohibited. If you have received this e-mail in error, please notify the sender immediately by return e-mail and delete this message from your system. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- another new worm submission Perrymon, Josh L. (Jun 04)
- Re: another new worm submission Axel Pettinger (Jun 04)
- Re: another new worm submission insecure (Jun 04)
- Re: another new worm submission Paul Schmehl (Jun 04)
- Re: another new worm submission Jerry Heidtke (Jun 04)
- Re: another new worm submission Ron DuFresne (Jun 05)
- Re: another new worm submission Paul Schmehl (Jun 04)
- Re: another new worm submission Christoph Gruber (Jun 07)
- Re: another new worm submission Christoph Gruber (Jun 08)
- Re: another new worm submission Christoph Gruber (Jun 08)
- Re: another new worm submission Christoph Gruber (Jun 08)
- <Possible follow-ups>
- RE: another new worm submission Perrymon, Josh L. (Jun 06)
- RE: another new worm submission Schmehl, Paul L (Jun 07)