The first program that exploits a newly discovered hole in the popular BIND software has been posted to a public mailing list.
Source code to the program was posted anonymously to the Bugtraq security mailing list Wednesday night, just days after a division of Network Associates Inc. (NAI) warned network administrators of four serious new bugs in BIND, which is used by 80 percent of the domain name servers in use on the Internet.
According to Elias Levy, chief technology officer for SecurityFocus.com, publishers of the Bugtraq list, the program appears to successfully exploit a buffer overflow bug in BIND version 8. But in what appears to be a case of shooting the messenger, the exploit then launches a denial of service attack on a name server owned by Network Associates. For this reason, the program is considered to be a Trojan horse, and Bugtraq subscribers have been warning others on the list not to run the program.
Secure Computing: Sec-C - Entries from April 2008::
Examples include the Fun Security (funsec) mailing list and the Bugtraq mailing list. . However, I am intentionally not including malicious SQL here.)
http://www.hackerfactor.com/blog/index.php?/archives/2008/04.htmlHOME |
Roger's Information Security Blog: June 2007 Archives::
Now most people wouldn't have done that because their email antivirus product has no hope of detecting links to malicious code in emails.
http://www.infosecblog.org/2007/06/HOME |
However, Levy said it's likely that some percentage of the list's 35,000 subscribers tested the program and unknowingly participated in an attack on the NAI DNS server. But he said the list's moderator did not err in letting the message with the Trojan go through.
"People when they subscribe to the list, it's with the caveat that they might be receiving exploits at some point or another, or some information, that is not fully fleshed out yet," Levy said. "We always recommend that they wait until other people analyze the information or the code itself to make sure it works as the poster claims."
Introduction to Software Security::
File Format: PDF/Adobe Acrobat - View as HTMLderived from Bugtraq (a mailing list dedicated to reporting security vulner- created and released the Melissa virus, to his malicious code.
http://www.informit.com/content/images/020172152X/samplechapter%5Cviegach1.pdfHOME |
My Personal Blog: December 2004::
The flaws, which were revealed publicly on the Bugtraq security mailing lists .. to help protect against exploitation of your system by malicious code.
http://willysr.blogspot.com/2004_12_01_archive.htmlHOME |
 helloNetwork.com to Challenge Mainstream Streaming Media
 Bug Opens Microsoft IE to HTML .exe Attachments
|
Bugtraq List Accidentally Releases Malicious Code