Full Disclosure mailing list archives
Re: Beware the firefox ZERO DAYZZZZ
From: "Memisyazici, Aras" <arasm () vt edu>
Date: Sun, 17 Aug 2008 12:19:27 -0400
@T Biehn: Please allow me to apologize for if I misunderstood your claim(s)... However, in your subject you are warning us about a FF 0-day while all you provide as 'proof' is anubis' examination of the 'after-the-fact' ... Could you pls give us a li'l more? Perhaps some logs (browser URL history, firewall, AV, event logs all scrubbed for non-related data), your FF version at the time of pwnage, a brief personal account on how this 'might' have happened etc etc might help us analyze and prep better for it. In the meantime, it looks like it's pretty easily detectable per the prev. reply and I'd like to note that Ikarus ID'd one of it's components as: PWS.Win32.Zbot.G (Sig-Id:20421721) So... Thx for the analysis but looks like more info is needed IMO! :) Sincerely, Aras 'Russ' Memisyazici Systems Administrator Office of the Vice President for Research Virginia Tech _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Beware the firefox ZERO DAYZZZZ T Biehn (Aug 15)
- Re: Beware the firefox ZERO DAYZZZZ Thierry Zoller (Aug 16)
- <Possible follow-ups>
- Re: Beware the firefox ZERO DAYZZZZ Memisyazici, Aras (Aug 17)