|
W32.Gaobot.AFJ Some news about yesterdays diary about "Phatbot exploiting LSASS". The binary was identified today by Symantec beta virus definition as W32.Gaobot.AFJ. This is the not the end...we received information about another yet variation that is not identified by this beta virus defs. As reported in previous diaries, the source code of the worm is available on the underground, and continuous and more controlled / dangerous versions are expected. Bagle.aa/Beagle.X and Netsky.AB on the wild A new version of the Beagle worm was discovered today. Besides the common behavior of spreading itself by file-sharing and email, this version also opens a backdoor on port 2535. Also, versions of the newest version of Netsky (Netsky.AB) is reported to be on the wild. At this time, some of the major AV companies already have updated the virus definitions file that allows the detection of them. Reference: http://www.sarc.com/avcenter/venc/data/w32.beagle.x@mm.html http://www.sarc.com/avcenter/venc/data/w32.netsky.ab@mm.html HP Web JetAdmin vulnerability exploitation We received a report about the exploitation of the HP Web JetAdmin vulnerability posted at the Bugtraq mailing list. This vulnerability affects version 6.5. Also, versions 6.2 and 7.0 are partially affected. Reference: http://www.securityfocus.com/archive/1/361535/2004-04-24/2004-04-30/0 ------------------------------------------------- Handler on duty: Pedro Bueno (bueno_AT_ieee.org) |
Pedro 155 Posts ISC Handler Apr 28th 2004 |
| Thread locked Subscribe |
Apr 28th 2004 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!
