I've caught a copy of msblast.exe.
Get it at :
www.geocities.com/nilssommer/msblast.zip - original packed version
www.geocities.com/nilssommer/msblast_unpacked.zip - unpacked with upx
Nils Sommer
----- Original Message -----
From: "Joey" <[EMAIL PROTECTED]>
To: "Full-Disclosure (E-mail)" <[EMAIL PROTECTED]>
Sent: Monday, August 11, 2003 10:21 PM
Subject: [Full-Disclosure] DCOM Worm released
> They found a worm, but since it uses tftp servers that
> can be taken down and since tftp is slow, it shouldnt
> have much of an effect.
>
> "Scans sequentially for machines with open port 135,
> starting at a presumably random IP address" - very
> stupid way to spread!
>
> http://isc.sans.org/diary.html?date=2003-08-11
>
> __________________________________
> Do you Yahoo!?
> Yahoo! SiteBuilder - Free, easy-to-use web site design software
> http://sitebuilder.yahoo.com
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
