[IP] more on compromised ad servers?
Begin forwarded message:
From: Chris Beck <cbeck@xxxxxxxxxxxxxx>
Date: August 26, 2005 11:20:13 AM EDT
To: djf <dave@xxxxxxxxxx>, Dan Updegrove <updegrove@xxxxxxxxxxxxxxx>
Subject: Re: [IP] more on compromised ad servers?
Rumour has it David Farber, on or about 26/08/2005 9:57 AM, forwarded:
however, is that more and more droppers are being built into .png and
.jpg files and can be very hard to detect on networks with large
flows.
Perhaps someone in the know could explain a little more about the
attack vectors
themselves. Are these things stack overflow attacks against the image
libraries? And the requisit libraries have yet to have patches
released? Are
systems with NX CPUs still vulnerable? Given the penchant of
graphics libraries
to use various extensions SSE 1/2/3, MMX, 3DNow &c - is there a class
of x86
processors that aren't vulnerable?
Cheers,
Chris
-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/