Hello list, Lawrence Baldwin's myNetWatchman service has detected a new worm spreading around, "Iraq Oil", that infects Windows servers over 445/tcp. Advisory here: http://www.mynetwatchman.com/kb/security/articles/iraqiworm/index.htm Detailed reverse engineering found at http://www.unixwiz.net/iraqworm/ (work still in progress) Steve --- Stephen J Friedl | Software Consultant | Tustin, CA | +1 714 544-6561 www.unixwiz.net | I speak for me only | KA8CMY | steveat_private ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Dec 18 2002 - 12:27:54 PST