From: Drage, Nick (nick.drage@eds.com)
Date: Fri Sep 16 2005 - 07:35:20 EDT
>> Does anyone knows a way to exploit this worm to get access
>to the system?
>
>Maybe it's just me, but I'd worry more about letting the
>client know they have an infected and owned system on their
>network than trying to figure out if I could further exploit
>it. Especially if it's likely that the infection is actively
>being used by someone.
It's not just you, I would expect that the customer doesn't care whether
the malware can be exploited or not. I thought it was standard practice
to notify the customer immediately of the presence of such software so
it can be removed or so the machine can be rebuilt, yes?
-- Nick Drage EDS UK Penetration Testing Team ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:55 EDT