Full Disclosure mailing list archives
Xmas virus on the cards ?
From: "security squirrel" <secsquirrel () lycos com>
Date: Thu, 18 Dec 2003 08:58:50 -0400
Hi all - I noticed this article at http://www.vnunet.com/News/1151553 and it looks alarming - however did not find any more details. If I understand well an HTML file is renamed to JPG and attached to an email. However I did not manage to reproduce this. This is my summary of the article: 1. xmas card emails to LEAD to innocent images which are not images but have viruses 2. Mail Filtering systems should handle images just like HTML files + educate 3. ISS reports that this was on a hacker mailing list 4. techniques to bypass firewalls by MISLABELLING html files as JPGs 5. Steven Darrall is a senior consultant at ISS X-Force Security Assessment Services 6. The problem is caused by Microsoft's Internet Explorer (IE) web browser automatically opening files labelled with .jpg or .gif extensions. 7. Hackers have posted a proof-of-concept file in which the content was a script that caused the browser to download and install a virus according to Darrall 8. The site serving the virus has since been shut down Is the image and attachment or is it simply a link to a .jpg file on an HTTP server? Did anyone manage to reproduce this or can point to the original post on the "hacker mailing list" which describes this? - Sec-Squirrel :) ____________________________________________________________ Free Poetry Contest. Win $10,000. Submit your poem @ Poetry.com! http://ad.doubleclick.net/clk;6750922;3807821;l?http://www.poetry.com/contest/contest.asp?Suite=A59101 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Xmas virus on the cards ? security squirrel (Dec 18)
- Re: [Full-Disc]: Xmas virus on the cards ? Anders (Dec 18)
- <Possible follow-ups>
- Xmas virus on the cards ? security squirrel (Dec 18)
- RE: Xmas virus on the cards ? Jay Libove (Dec 18)
- RE: Xmas virus on the cards ? Schmehl, Paul L (Dec 18)
- RE: Xmas virus on the cards ? security squirrel (Dec 18)