Re: [Full-Disclosure] new worm - "warm-pussy.jpg".

[Gadi Evron <ge@egotistical.reprehensible.net>]

segfault wrote:

> You idiot.  Just because a file is called warm-pussy.jpg, doesn't mean that
> the webserver it resides on isn't going to parse it's actual content (which
> is probably plaintext).  Look again, I'm sure you'll be surprised.

HTML _is_ plain-text.
Just because the server sends it as plain text doesn't mean the browser 
won't execute it.

It does.

This *is* a Trojan horse.

Do you have anything real to contribute or are you just going to call a 
guy that raised the alarm of a _possible_ new dangerous Trojan hourse names?
--
      Gadi Evron (i.e. ge),
      ge@linuxbox.org.

The Trojan Horses Research mailing list - http://ecompute.org/th-list

My resume (Hebrew) - http://vapid.reprehensible.net/~ge/resume.rtf

PGP key for ge@linuxbox.org -
http://vapid.reprehensible.net/~ge/Gadi_Evron.asc
Note: this key is used mainly for files and attachments, I sign email 
messages using:
http://vapid.reprehensible.net/~ge/Gadi_Evron_sign.asc


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html