<<< Date Index >>>     <<< Thread Index >>>

Re: GDI Virus in the wild.



It's not a virus, just a connect back (82.1.163.241:55000) cmd shell exploit.

/gerry

Ben wrote:
Allo,

There is now a GDI+ jpeg exploiting virus in the wild.  It was posted
on  Mon, 27 Sep 2004 01:25:52 GMT via NNTP to multiple news groups by a
single person.

See the following for details:
http://www.easynews.com/virus.txt

You can see the virus here:
http://easynews.com/test/possiblevirus.jpg.gz


- IsolationX



--
Gerald Eisenhaur
Cisco Systems, Inc.
1414 Massachusetts Ave.
Boxborough, Massachusetts 01719
voice:  978.936.0465
geisenhaur@xxxxxxxxx