[Full-Disclosure] Re: New GDI exploit

From: Josh L. Perrymon (joshuaperrymon_at_gmail.com)
Date: 09/22/04

  • Next message: Thierry Carrez: "[Full-Disclosure] [ GLSA 200409-30 ] xine-lib: Multiple vulnerabilities"
    To: full-disclosure@lists.netsys.com
    Date: Wed, 22 Sep 2004 15:06:39 -0500
    
    

    http://www.c-enter.hu/center/0230779.html

    I do have some good news.. Seems some AV companies already have some
    sigs to spot the .jpg vuln.

    Symantec picks it up as bloodhound so email propagation may become less viable.

    It does this with the local and remote shellcodes.

    JP

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Thierry Carrez: "[Full-Disclosure] [ GLSA 200409-30 ] xine-lib: Multiple vulnerabilities"

    Relevant Pages

    • Re: Bloodhound.Exploit.45
      ... | Problems with Bloodhound.Exploit.45 pattern in Symantec AV ... | Sounds like Symantec's Bloodhound has gone a bit rabid;-) ...
      (alt.comp.anti-virus)
    • Bloodhound Virus
      ... Bloodhound is the term given to an unreleased exploit (or ... virus) which symantec has pre-prepared for in its ... so its hard to give instructions. ...
      (microsoft.public.windowsxp.general)
    • Re: Anyone ever heard of MewOrleans / Maximus ???
      ... | probable malware family... ... i don't think bloodhound does (at least it ... Symantec would append a name and or number. ...
      (alt.comp.anti-virus)