Full Disclosure mailing list archives

RE: Re: Aol IM /Microsoft IE remote code execution

From: Michael Evanchik <mike () alanpickel com>
Date: Thu, 19 Feb 2004 10:58:42 -0500

That is definately true.  But unfortunately I used known local exploit examples to give due credit to some people.  
There are many different local exploits that norton does not pick up as well as ways to rewrite the known ones to trick 
norton so I have been told.

Mike

From:Feher Tamas
Sent:Thu 2/19/2004 5:00 AM
To:full-disclosure () lists netsys com
Subject:[Full-Disclosure] Re: Aol IM /Microsoft IE remote code execution

Hello,

www.MichaelEvanchik.com/security/microsoft/ie/aim/aim.txt


Kaspersky AV says:
"aim.txt Infected: Exploit.Win32.LnkRun"

http://www.high-pow-er.com/ok.hta


This one is "Trojandropper.VBS.Inor.i".

The morale of the story is:
Traditional AV is still not dead, it gives you good protection. 8-)
You just have to update several time a day! 8-(

Sincerely: Tamas Feher.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: Aol IM /Microsoft IE remote code execution Feher Tamas (Feb 19)
- <Possible follow-ups>
- RE: Re: Aol IM /Microsoft IE remote code execution Michael Evanchik (Feb 19)