It's not a virus, just a connect back (82.1.163.241:55000) cmd shell
exploit.
/gerry
Ben wrote:
> Allo,
>
> There is now a GDI+ jpeg exploiting virus in the wild. It was posted
> on Mon, 27 Sep 2004 01:25:52 GMT via NNTP to multiple news groups by a
> single person.
>
> See the following for details:
> http://www.easynews.com/virus.txt
>
> You can see the virus here:
> http://easynews.com/test/possiblevirus.jpg.gz
>
>
> - IsolationX
>
>
exploit.
/gerry
Ben wrote:
> Allo,
>
> There is now a GDI+ jpeg exploiting virus in the wild. It was posted
> on Mon, 27 Sep 2004 01:25:52 GMT via NNTP to multiple news groups by a
> single person.
>
> See the following for details:
> http://www.easynews.com/virus.txt
>
> You can see the virus here:
> http://easynews.com/test/possiblevirus.jpg.gz
>
>
> - IsolationX
>
>
--
Gerald Eisenhaur
Cisco Systems, Inc.
1414 Massachusetts Ave.
Boxborough, Massachusetts 01719
voice: 978.936.0465
geisenhaur (at) cisco (dot) com [email concealed]
[ reply ]