Security Incidents mailing list archives

Re: cuebot-d infection method

From: terry white <twhite () aniota com>
Date: Wed, 24 Aug 2005 13:56:02 -0700 (PDT)

on "8-24-2005" "Jeff Bryner" writ:

: The writeup at http://www.sophos.com/virusinfo/analyses/w32cuebotd.html
: fits the scenario, but it doesn't say exactly what the initial
: infection vector is.

   "W32/Cuebot-D attempts to spread using a variety of techniques
    including the exploitation of the PnP vulnerability (MS05-039)."

    ... from my reading of it, there multiple attack vectors involved ...





-- 
... i'm a man, but i can change,
    if i have to , i guess ...

Current thread:

RE: cuebot-d infection method, (continued)
- RE: cuebot-d infection method Matthew Neeley (Aug 24)
- Re: cuebot-d infection method Matt Stockdale (Aug 24)
  - Re: cuebot-d infection method Irwan Ismail (Aug 25)
    - RE: cuebot-d infection method Jason Burton (Aug 25)
  - Re: cuebot-d infection method Jayson Anderson (Aug 25)
    - Re: cuebot-d infection method Harlan Carvey (Aug 26)
    - Re: cuebot-d infection method Jeff Bryner (Aug 29)
    - Re: cuebot-d infection method Harlan Carvey (Aug 29)
    - Re: cuebot-d infection method Jayson Anderson (Aug 29)
    - Re: cuebot-d infection method Jose Nazario (Aug 29)
- Re: cuebot-d infection method terry white (Aug 24)
  - Re: cuebot-d infection method Jeff Bryner (Aug 25)
- Re: cuebot-d infection method matt (Aug 29)
  - Re: cuebot-d infection method Simon Borduas (Aug 29)