[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] new worm - "warm-pussy.jpg".

To: Gadi Evron <ge@egotistical.reprehensible.net>
Subject: Re: [Full-Disclosure] new worm - "warm-pussy.jpg".
From: Valdis.Kletnieks@vt.edu
Date: Wed, 12 Nov 2003 23:52:28 -0500

On Thu, 13 Nov 2003 01:08:06 PST, Gadi Evron <ge@egotistical.reprehensible.net> 
 said:

> HTML _is_ plain-text.
> Just because the server sends it as plain text doesn't mean the browser 
> won't execute it.
> 
> It does.

Well.. sure... a .JPG might have some executable code in it, right? :)

At least this time they're improving.  They're executing plain text that
was called .jpg.  Last time, they executed javascript that was in the
comments field of an actual jpg.

Attachment: pgp00056.pgp
Description: PGP signature

References:
- [Full-Disclosure] new worm - "warm-pussy.jpg".
  - From: "Tom Russell" <kalleth@nildram.co.uk>
- Re: [Full-Disclosure] new worm - "warm-pussy.jpg".
  - From: "segfault" <segfault@nycap.rr.com>
- Re: [Full-Disclosure] new worm - "warm-pussy.jpg".
  - From: Gadi Evron <ge@egotistical.reprehensible.net>

Prev by Date: [Full-Disclosure] SSH Exploit Request
Next by Date: Re: [Full-Disclosure] new worm - "warm-pussy.jpg".
Previous by thread: Re: [Full-Disclosure] new worm - "warm-pussy.jpg".
Next by thread: Re: [Full-Disclosure] new worm - "warm-pussy.jpg".
Index(es):
- Date
- Thread