Full Disclosure mailing list archives
RE: JPEG GDI
From: "Todd Towles" <toddtowles () brookshires com>
Date: Tue, 28 Sep 2004 16:19:40 -0500
This was sent out on FD this morning as a password protected ZIP file. I downloaded a copy via wget, both my proxy AV and my desktop AV were able to detect it as a MS04-028 expolit. The story was also posted to Slashdot.org last night -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Barrie Dempster Sent: Tuesday, September 28, 2004 3:16 PM To: Barry Fitzgerald Cc: str0ke () milw0rm com; full-disclosure () lists netsys com Subject: Re: [Full-disclosure] JPEG GDI On Tue, 2004-09-28 at 19:56, Barry Fitzgerald wrote:
Yep - in fact I was reading this morning on http://isc.sans.org/ that one was just found on an adult newsgroup. -Barry
Indeed Barry, heres more information on that for you or others interested http://easynews.com/virus.html I know the file itself has already been posted to the list but this link gives some preliminary analysis of if it too, which shows it as a trojan infection vector and not really a virus in the traditional sense. -- Barrie Dempster (zeedo) - Fortiter et Strenue http://www.bsrf.org.uk [ gpg --recv-keys --keyserver www.keyserver.net 0x96025FD0 ] _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- JPEG GDI str0ke (Sep 28)
- Re: JPEG GDI Barry Fitzgerald (Sep 28)
- Re: JPEG GDI Barrie Dempster (Sep 28)
- <Possible follow-ups>
- RE: JPEG GDI Todd Towles (Sep 28)
- Re: JPEG GDI GuidoZ (Sep 28)
- Re: JPEG GDI Barry Fitzgerald (Sep 28)