Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Full-Disclosure] RE: new internet explorer exploit (was new worm)

from [Drew Copley] Network Security [Permanent Link]
Subject: [Full-Disclosure] RE: new internet explorer exploit (was new worm)
Date: Mon, 29 Mar 2004 11:44:12 -0800 
 


-----Original Message-----
From: Jelmer [mailto:jkuperus@planet.nl] 
Sent: Monday, March 29, 2004 6:36 AM
To: full-disclosure@lists.netsys.com; bugtraq@securityfocus.com
Subject: new internet explorer exploit (was new worm)

The code used by this worm to exploit it's users at least 
partly  is (i
think) new , the vulnerability it abused has afaik not been 
published on
eighter bugtraq or full-disclosure. possibly making it (one 
of?) the first
worm to totally catch people offguard.


Yeah. It is a zero day worm, and it is very notable as such.  

I can not recall a previous zero day worm. (AV is not my job, but I do
try and follow zero day.)

Hence, IE has birthed us the first zero day worm.

We should be thankful it was not coded better, because it could have
caused some really serious problems. A hundred thousand systems is
really a low target when you consider 94% of all browsers being used are
IE and the internet population is around the 400 million figure.

A zero day worm in IE:
post on Feb 19, 2004
http://www.securityfocus.com/archive/1/354447

Thor's post which archives various vendor's papers on it (Feb 25 2003):
http://www.securityfocus.com/archive/1/355149/2004-02-24/2004-03-01/0

Someone in Russia is making some nice cash. As usual. Or, something even
nastier is going down. (Nastier then the Red Mafiya??)

Hopefully, someone with a badge somewhere is investigating this. But,
looking up "bizex investigation" in google news turns up zero hits.
Maybe because "we" (all of the nations of the world) forgot to create
some kind of online police force. Doh.

Just like the Wild West. The only law is Pinkerton. How sad.

Echo... Echo...
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Full-Disclosure] Re: Addressing Cisco Security Issues, Jason Dodson
Next by Date:  [Full-Disclosure] Re: systrace silently patches full local bypass vulnerability on Linux, stealth
Previous by Thread:  [Full-Disclosure] Verifying patches on MS servers, Federated Information Security
Next by Thread:  [Full-Disclosure] Re: new internet explorer exploit (was new worm), Berend-Jan Wever
Indexes:  [Date] [Thread] [Top] [All Lists]