Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Beware the firefox ZERO DAYZZZZ

From: "Memisyazici, Aras" <arasm () vt edu>
Date: Sun, 17 Aug 2008 12:19:27 -0400
@T Biehn:

Please allow me to apologize for if I misunderstood your claim(s)... However, in your subject you are warning us about 
a FF 0-day while all you provide as 'proof' is anubis' examination of the 'after-the-fact' ...

Could you pls give us a li'l more? Perhaps some logs (browser URL history, firewall, AV, event logs all scrubbed for 
non-related data), your FF version at the time of pwnage, a brief personal account on how this 'might' have happened 
etc etc might help us analyze and prep better for it.

In the meantime, it looks like it's pretty easily detectable per the prev. reply and I'd like to note that Ikarus ID'd 
one of it's components as:

PWS.Win32.Zbot.G (Sig-Id:20421721)

So... Thx for the analysis but looks like more info is needed IMO! :)

Sincerely,
Aras 'Russ' Memisyazici
Systems Administrator 
Office of the Vice President for Research
Virginia Tech

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: