Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: GDI Virus in the wild.
From: Gerry Eisenhaur <GEisenhaur () cisco com>
Date: Mon, 27 Sep 2004 15:45:10 -0400
It's not a virus, just a connect back (82.1.163.241:55000) cmd shell exploit. 

/gerry

Ben wrote:

Allo,

There is now a GDI+ jpeg exploiting virus in the wild.  It was posted
on  Mon, 27 Sep 2004 01:25:52 GMT via NNTP to multiple news groups by a
single person.

See the following for details:
http://www.easynews.com/virus.txt

You can see the virus here:
http://easynews.com/test/possiblevirus.jpg.gz


- IsolationX




--
Gerald Eisenhaur
Cisco Systems, Inc.
1414 Massachusetts Ave.
Boxborough, Massachusetts 01719
voice:  978.936.0465
geisenhaur () cisco com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]