[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] Fw: Codered2 and winnuke

Subject: [cobalt-security] Fw: Codered2 and winnuke
From: "Gareth" <garth@xxxxxxxxxxxxxxx>
Date: Fri, 10 Aug 2001 10:42:56 +0100
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

----- Original Message -----
From: "Gareth" <garth@xxxxxxxxxxxxxxx>
To: "Gareth" <garth@xxxxxxxxxxxxxxx>
Sent: Friday, August 10, 2001 10:37 AM
Subject: Re: Codered2 and winnuke


> Sorry, I have just rechecked the sites I originally got my iformation
from,
> and the virus does leave an onload, to set a mapping into the %systemroot%
> from the IIS server.
> Gareth
>
> From: "Gareth" <garth@xxxxxxxxxxxxxxx>
> Sent: Friday, August 10, 2001 10:30 AM
> > It only leaves the backdoor and does not leave any onload commands. The
>
>

Prev by Date: Re: [cobalt-security] DANGER WILL ROBINSON!!! A tool for MIM/c*apfilt and poisoning listed on /.
Next by Date: RE: [cobalt-security] Re: Unix worm to kill codered.
Previous by thread: [cobalt-security] Re: Codered2 and winnuke
Next by thread: [cobalt-security] BIND running as root

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index