| TIP: Click on subject to list as thread! | ANSI |
| echo: | |
|---|---|
| to: | |
| from: | |
| date: | |
| subject: | Nice antivirus symantec.. |
From: "Geo." http://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2007-022 615-1754-99&tabid=1 W32.Rinbot.H is a worm that spreads through network shares and by exploiting certain vulnerabilities. It also opens a back door on the compromised computer. then under technical details: The worm may spread through networks shares protected by weak passwords and by exploiting the following vulnerabilities: Symantec Client Security and Symantec AntiVirus Elevation of Privilege (BID 18107) ROFL!!! so it spreads by exploiting an AV program. Good one!! Oh and this tidbit: The worm then allows a remote attacker to perform the following actions: Gather system information Scan local network for other computers to infect Download and execute a specified file Run an http/ftp server Update itself Steal Cd Keys <<<<<<----- End analysis tools such as Filemon, Regmon, Ethereal, etc. Nice! Geo. --- BBBS/NT v4.01 Flag-5* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45) SEEN-BY: 633/267 5030/786 @PATH: 379/45 1 633/267 |
|
| SOURCE: echomail via fidonet.ozzmosis.com | |
Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.