New MyDoom variants exploiting unpatched IFRAME exploit

From: Jeffrey Thomas (jthomas_at_ETAXFN.COM)
Date: 11/09/04

Next message: Russ Cooper: "MajorRev: v2.0 Microsoft Security Bulletin MS04-039 - Vulnerability in ISA Server 2000 and Proxy Server 2.0 Could Allow Internet Content Spoofing (888258)"

Previous message: Marc Maiffret: "EEYE: Kerio Personal Firewall Multiple IP Options Denial of Service"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date:         Tue, 9 Nov 2004 10:28:34 -0500
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

Symantec writeup's here:

http://securityresponse.symantec.com/avcenter/venc/data/w32.mydoom.ai@mm.html

http://securityresponse.symantec.com/avcenter/venc/data/w32.mydoom.ah@mm.html

Maybe a patch today from Redmond? This could become a mess fast. Many of the AV folks are playing catchup on signature updates to detect these.

--
Editor's Note: The 43rd Most Powerful Person in Networking says...
Register today to take the TruSecure ICSA exam by 12/31/04  at
<http://www.2test.com> ,  use promo code "CT1204" and you will pay just
$221.25 US Dollars for domestic exam delivery and  $296.25 US Dollars
for international delivery.
Visit <https://ticsa.trusecure.com>  for complete details regarding the
TICSA credential and to take the free sample exam.
--

Next message: Russ Cooper: "MajorRev: v2.0 Microsoft Security Bulletin MS04-039 - Vulnerability in ISA Server 2000 and Proxy Server 2.0 Could Allow Internet Content Spoofing (888258)"

Previous message: Marc Maiffret: "EEYE: Kerio Personal Firewall Multiple IP Options Denial of Service"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Winamp - Buffer Overflow In IN_CDDA.dll [ Patch Released ]
... intended recipient, you are not authorised to use or copy this message ... information system for the purposes of the New Zealand Electronic ... $221.25 US Dollars for domestic exam delivery and $296.25 US Dollars ...
(NT-Bugtraq)
Address Bar Spoophing for the Pheeshies: IntotheNet Explorer 6
... var malware = screen.availHeight; ... This is the hook: ... $221.25 US Dollars for domestic exam delivery and $296.25 US Dollars ...
(NT-Bugtraq)
Re: possible regedit bulk key deletion vulnerability (Revised)
... Far easier for the malware to use the API that Microsoft thoughtfully ... $221.25 US Dollars for domestic exam delivery and $296.25 US Dollars ...
(NT-Bugtraq)
Sharepoint 2003 installation fails and account password revealed in setup log
... This application has requested the runtime to terminate it in an unusual way. ... Looking at this short log file reveals a line with the text: ... $221.25 US Dollars for domestic exam delivery and $296.25 US Dollars for international delivery. ...
(NT-Bugtraq)