Nu era chiar exploit pt bind. Vedeti mai jos. ---------- Forwarded message ---------- Date: Wed, 31 Jan 2001 20:09:33 -0800 From: Matt Lewis <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Bind 8 Exploit - Trojan The Bind 8 Exploit sent to bugtraq users by "[EMAIL PROTECTED]" is a Trojan, as I'm sure many have found out at this point. It attacks dns1.nai.com, and I haven't researched it extensively yet, wanted to get this out. There's quite possibly other things going on as well, locally. I straced it and got odd results, the last time I ran it, it didn't launch the attack. Shellcode analyzation would be required here. How did this get approved, did anyone test it or review it? You can see the IP address for dns1.nai.com listed in the shellcode included with the file. It forks off many copies of itself and violently attacks NAI's nameserver. --- Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to unsubscribe from this list.
