The shell code is located at
http://219.234.95.124/vbox/shellscript.js
and Macafee points it out as:
VBS/Psyme - Trojan
-Pratik
>>> "Geo." <[EMAIL PROTECTED]> 6/16/2004 7:22:48 AM >>>
Received a spam this morning claiming I have a voicemail with the link
(warning do not click the link)
http:
Received a spam this morning claiming I have a voicemail with the link
(warning do not click the link)
http:-//www-1voicemailbox-net/voicemail/ (dashes added by me)
which brings up a frames based page with one of the frames containing this
function InjectedDuringRedirection(){
showModalDia
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Aditya, ALD [Aditya Lalit Deshmukh] wrote:
> First of all this might be a social engg. attempt to find your
> antivirus versions and if the allow passing of malicious code thr.. so
> please santise your data before sending to the list
Who, Bipin? Ar
--- [EMAIL PROTECTED] wrote:
> There is a history of years and years of antivirus
> products
> choking on funky compressed files.
>
> We had reports of quite a few AV products crapping
> out on
> the invalid zip files included with our zip advisory
> from 2002:
>
>
> http://www.rapid7.co
--- [EMAIL PROTECTED] wrote:
> There is a history of years and years of antivirus
> products
> choking on funky compressed files.
>
> We had reports of quite a few AV products crapping
> out on
> the invalid zip files included with our zip advisory
> from 2002:
>
>
> http://www.rapid7.co
There is a history of years and years
of antivirus products
choking on funky compressed files.
We had reports of quite a few AV products
crapping out on
the invalid zip files included with
our zip advisory from 2002:
http://www.rapid7.com/advisories/R7-0004/R7-0004.tgz
http://ww
Norton AV Corporate Ed.
version 7.60.926
Displayed it as a virus in about a second. Kept on scanning, didn't stop after
a minute. I aborted it only to have disk cleaner come up due to running out of
space. Told it to stop but it kept going. System crashed. :(
Mike
___
Title: [Full-Disclosure] Antivirus/Trojan/Spyware scanners DoS!
The latest version of Panda
Antivirus didn't like it at all. It showed it scanned two files then promptly
locked up. ergh. I have the free version of AVG on one of the workstations at
the office, I'll try it there a
On Sun, Jun 13, 2004 at 03:30:17AM -0700, bipin gautam wrote:
Hello everybody,
I wounder how many Antivirus/Trojan/Spyware scanners
will choak to death while having a manual scan of the
file:
http://www.geocities.com/visitbipin/SERVER_dwn.zip
I was woundering, what would be the results if such
fil
--- npguy <[EMAIL PROTECTED]> wrote:
> This comes when extracting module doesn't verify the
> intgerity of headers. The
> similar types of breaches were found in WinRAR. The
> quick
> approach to resolve is to verify the actual physical
> size of the compressed
> file against the headers info. W
clam use unzip utility outside its process space. if unzip itself is
vulnerable (not in case of linux) then clam may face similar problem
check "manager.c" of clam 0.15
242 if(strbcasestr(filename, ".zip")) {
243 char *args[] = { "unzip", "-P", "clam", "-o", (char *)
filen
]
Subject: [Full-Disclosure] Antivirus/Trojan/Spyware scanners DoS!
Hello everybody,
I wounder how many Antivirus/Trojan/Spyware scanners
will choak to death while having a manual scan of the
file:
http://www.geocities.com/visitbipin/SERVER_dwn.zip
I was woundering, what would be the results if such
$ clamscan -V
clamscan / ClamAV version 0.71
$ clamscan SERVER_dwn.zip
SERVER_dwn.zip: Eicar-Test-Signature FOUND
--- SCAN SUMMARY ---
Known viruses: 21951
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 20.13 MB
I/O buffer size: 131072 bytes
Time: 5.447 sec
This comes when extracting module doesn't verify the intgerity of headers. The
similar types of breaches were found in WinRAR. The quick
approach to resolve is to verify the actual physical size of the compressed
file against the headers info. WinRAR now takes similar approach.
Not only the An
want.
sk3tch
-Original Message-
From: [EMAIL PROTECTED] on behalf of bipin gautam
Sent: Sun 6/13/2004 5:30 AM
To: [EMAIL PROTECTED]
Subject: [Full-Disclosure] Antivirus/Trojan/Spyware scanners DoS!
Hello everybody,
I wounder how many Antivirus/Trojan/Spyware scanners
will choak to death
> Ps: Please, reply with the version No. of the AV.
> scanner that you are using. If anyone of you have a
> test PC please test the file using the online virus
> scanners available at : http://virusall.com/downscan.html
>
First of all this might be a social engg. attempt to find your antivirus ve
NOD32 version 1.787 (20040612) NT
number of files scanned: 10
number of viruses found: 5
time of completion: 11:23:13 total scanning time: 41 sec (00:00:41)
--> > Hello everybody,
--> >
--> > I wounder how many Antivirus/Trojan/Spyware scanners
--> > will choak to death while having a manual sc
On Sun, Jun 13, 2004 at 03:30:17AM -0700, bipin gautam wrote:
> I wounder how many Antivirus/Trojan/Spyware scanners
> will choak to death while having a manual scan of the
> file:
>
> http://www.geocities.com/visitbipin/SERVER_dwn.zip
>
> I was woundering, what would be the results if such
> file
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, Jun 13, 2004 at 03:30:17AM -0700, bipin gautam wrote:
> Hello everybody,
>
> I wounder how many Antivirus/Trojan/Spyware scanners
> will choak to death while having a manual scan of the
> file:
>
> http://www.geocities.com/visitbipin/SERVER_d
bipin gautam wrote:
Hello everybody,
I wounder how many Antivirus/Trojan/Spyware scanners
will choak to death while having a manual scan of
the
file:
http://www.geocities.com/visitbipin/SERVER_dwn.zip
I was woundering, what would be the results if such
file gets stucked in an "AV gateway" (O;
pleas
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
bipin gautam wrote:
| I wounder how many Antivirus/Trojan/Spyware scanners will choak to
| death while having a manual scan of the file
I have tried it with Norton AntiVirus 2003 on a PIII 550/256 MB RAM
machine. It
took it 8 minutes to scan 42 files be
Hello
Grisoft AVG 6.0 Free Edition v6.0.75
No problem manually scanning file, took about a second in total.
Ben C
bipin gautam wrote:
Hello everybody,
I wounder how many Antivirus/Trojan/Spyware scanners
will choak to death while having a manual scan of
the
file:
http://www.geocities.com/visitbipin
Groupshield says it was replaced because of a Scanner Timed Out Virus.
bipin gautam wrote:
Hello everybody,
I wounder how many Antivirus/Trojan/Spyware scanners
will choak to death while having a manual scan of the
file:
http://www.geocities.com/visitbipin/SERVER_dwn.zip
I was woundering, what woul
> Hello everybody,
>
> I wounder how many Antivirus/Trojan/Spyware scanners
> will choak to death while having a manual scan of
> the
> file:
>
> http://www.geocities.com/visitbipin/SERVER_dwn.zip
>
> I was woundering, what would be the results if such
> file gets stucked in an "AV gateway" (O;
On Sun, Jun 13, 2004 at 03:30:17AM -0700, bipin gautam wrote:
> Hello everybody,
>
> I wounder how many Antivirus/Trojan/Spyware scanners
> will choak to death while having a manual scan of the
> file:
>
> http://www.geocities.com/visitbipin/SERVER_dwn.zip
>
> I was woundering, what would be the
Hello everybody,
I wounder how many Antivirus/Trojan/Spyware scanners
will choak to death while having a manual scan of the
file:
http://www.geocities.com/visitbipin/SERVER_dwn.zip
I was woundering, what would be the results if such
file gets stucked in an "AV gateway" (O;
please, report your f
26 matches
Mail list logo