Vulnerability Development mailing list archives
Re: Another new worm???
From: dknaack () RDTECH COM (David Knaack)
Date: Thu, 22 Jun 2000 14:33:16 -0500
From: Frank Town <frank_smiles () HOTMAIL COM>
Actully not to say everyone is wrong but about 5 years ago when i used to hang out on aol, we made these things called password stealers
<nsip>
They are simple to get rid of, at least they were im nto sure about now. Most just add a line to your win.ini in the run line
At least one of the new breed of AOL PWS use more advanced techniques. I've seen one file infector (specific to AOL.EXE) and one that trojans runonce.exe. However, to my knowledge these particular samples were not released in the wild, and were not self propagating. AOL could be a truly frightening security issue. Given their history of lax security, I can imagine an advanced hacker or AOL insider writing an AOL extension and then using the server push (TOD update) feature to install malicious software on all AOL clients. One could launch a truly massive DDoS using tens or hundreds of thousands of AOL clients. A hacker with access to a large hub could intercept connections to the AOL servers and act as a transparent proxy, with the ability to deliver TOD's to AOL clients. I do not know if AOL TODs are cryptographically signed, but I would be surprised if they were. All very advanced hacking, but doable. DK
Current thread:
- Re: Capturing System Calls, (continued)
- Re: Capturing System Calls Michal Zalewski (Jun 22)
- Fwd: ShowFile CGI Security Vulnerability Barry Russell (Jun 21)
- Re: Fwd: ShowFile CGI Security Vulnerability Blue Boar (Jun 21)
- Re: Another new worm??? Blue Boar (Jun 21)
- Re: Another new worm??? Crispin Cowan (Jun 22)
- Re: Another new worm??? Harmer, Mike (Jun 21)
- Re: Another new worm??? Frank Town (Jun 21)
- Re: Another new worm??? Justin Lintz (Jun 21)
- Re: Another new worm??? Steve Mosher (Jun 22)
- Re: Another new worm??? Michael S Hines (Jun 23)
- Re: Another new worm??? David Knaack (Jun 22)
- Re: Another new worm??? Jason Legate (Jun 22)
- Re: Another new worm??? David Knaack (Jun 22)
- Re: Another new worm??? Jason Legate (Jun 22)
- Red Hat 6.2's ftp segmentation fault Paulo Ribeiro (Jun 22)
- Re: Red Hat 6.2's ftp segmentation fault Osvaldo J. Filho (Jun 23)
- Re: Red Hat 6.2's ftp segmentation fault Michal Zalewski (Jun 23)
- Re: Red Hat 6.2's ftp segmentation fault Jeff Bachtel (Jun 23)
- Re: Red Hat 6.2's ftp segmentation fault Philip Rowlands (Jun 23)
- Re: Red Hat 6.2's ftp segmentation fault Bluefish (Jun 24)
- Re: Red Hat 6.2's ftp segmentation fault Jim Kinney (Jun 24)
- Re: Another new worm??? Justin Lintz (Jun 21)