Re: [Full-disclosure] Simcard 0day.
On Mon, Jan 01, 2007 at 05:43:05PM -0800, Blue Boar wrote: > Does this actually work on people on a security mailing list? Speaking as someone whose current employer has chosen to subscribe its NOC staff group email (a member of which, thankfully, I am not) on an Exchange server to various security mailing lists, in the interest of having the NOC monitor security alerts and open tickets over those affecting systems and applications in use, for which purpose they of course use Outlook... Yes, it pretty definitely does, and gets you in places that are otherwise decently protected. There's little cure for stupidity at the management level other than patience. -- gabriel rosenkoetter [EMAIL PROTECTED] pgpppQae0tfwB.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Simcard 0day.
Dear List, > 1. Open attachment. >Does this actually work on people on a security mailing list? > BB It surely work if moderators do not strip of the attachments and make them availalble in the archives : http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051522.html More interesting is that this list is mirrored elsewhere with these attachements. -- http://secdev.zoller.lu Thierry Zoller Fingerprint : 4813 c403 58f1 1200 7189 a000 7cf1 1200 9f89 a000 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Simcard 0day.
Blue Boar wrote: > dfklsddshd wrote: >> 1. Open attachment. > > Does this actually work on people on a security mailing list? > > BB > > Complete scanning result of "Simcard.com", received in VirusTotal at > 01.02.2007, 02:38:58 (CET). > you would be quite surprised, i'm sure. randy ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Simcard 0day.
dfklsddshd wrote: > 1. Open attachment. Does this actually work on people on a security mailing list? BB Complete scanning result of "Simcard.com", received in VirusTotal at 01.02.2007, 02:38:58 (CET). Antivirus Version Update Result AntiVir 7.3.0.2101.01.2007 TR/Spy.Banker.73216 Authentium 4.93.8 12.30.2006 no virus found Avast 4.7.892.0 12.30.2006 no virus found AVG 386 01.01.2007 no virus found BitDefender 7.2 01.01.2007 GenPack:Generic.Banker.OT.924A93D1 CAT-QuickHeal 8.0001.01.2007 (Suspicious) - DNAScan ClamAV devel-20060426 01.01.2007 no virus found DrWeb 4.3312.31.2006 WIN.MAIL.WORM.Virus eSafe 7.0.14.001.01.2007 Suspicious Trojan/Worm eTrust-InoculateIT 23.73.102 12.30.2006 no virus found eTrust-Vet 30.3.3289 12.29.2006 no virus found Ewido 4.0 01.01.2007 no virus found Fortinet2.82.0.001.01.2007 suspicious F-Prot 3.16f 12.30.2006 no virus found F-Prot4 4.2.1.2912.30.2006 no virus found Ikarus T3.1.0.27 01.01.2007 Trojan-Spy.Win32.Banker.axc Kaspersky 4.0.2.2401.02.2007 no virus found McAfee 492912.29.2006 no virus found Microsoft 1.1904 12.31.2006 no virus found NOD32v2 195101.01.2007 probably unknown NewHeur_PE virus Norman 5.80.02 12.31.2007 no virus found Panda 9.0.0.4 01.01.2007 Suspicious file Prevx1 V2 01.02.2007 no virus found Sophos 4.13.0 01.01.2007 no virus found Sunbelt 2.2.907.0 12.18.2006 VIPRE.Suspicious TheHacker 6.0.3.141 01.01.2007 no virus found VBA32 3.11.1 01.01.2007 no virus found VirusBuster 4.3.19:901.01.2007 no virus found Aditional Information File size: 73216 bytes MD5: 5f22c38e77383a68f865a2c8d9c84f0c SHA1: c1a76dc5fa43d102b447057ce16ad44e8dcf456f packers: YODA packers: YodaProt Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics. VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/