Re: IE/WMP Exploit
From: Axel Pettinger (api_at_epost.de)
Date: 06/15/04
- Previous message: Max: "RE: [ok] Simple Windows incident response methodology"
- In reply to: Carlos Kramer: "IE/WMP Exploit"
- Next in thread: caldcv_at_students.fccj.org: "Re: IE/WMP Exploit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 15 Jun 2004 16:54:33 +0200 To: Carlos Kramer <csk_1975@hotmail.com>
Carlos Kramer wrote:
>
> I saw the 180solutions.com analysis and the stuff I've seen appears to
> be different and use a different exploit - maybe just a variation on a
> theme? But it overwrites wmplayer.exe and seems to use a WMP exploit
> as well as IE exploits.
>
> It comprimises a fully patched Windows 2000, IE6, WMP7 machine.
Out of curiosity ... Is MS04-013 installed on your machine?
What you've seen looks like the Adodb.Stream and ms-its problem.
Regards,
Axel Pettinger
---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security
Protect your network against hackers, viruses, spam and other risks with Astaro
Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost of
ownership.
Download your free trial at
http://www.securityfocus.com/sponsor/Astaro_incidents_040614
----------------------------------------------------------------------------
- Previous message: Max: "RE: [ok] Simple Windows incident response methodology"
- In reply to: Carlos Kramer: "IE/WMP Exploit"
- Next in thread: caldcv_at_students.fccj.org: "Re: IE/WMP Exploit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
