LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 06-09-2004, 11:11 PM   #1
Boss Hoss
Member
 
Registered: Sep 2003
Distribution: SuSe
Posts: 62

Rep: Reputation: 15
What exploit is this?


I have some clients getting emails with the following type link in the email:

http://www.domain.com/inbox/info/rea...essionid-29930 <cid:031401Mfdab4$3f3dL780$73387018@57W81fa70Re>

what kind of exploit is this? I used to get them too but my spam filtering kills them now.
 
Old 06-10-2004, 01:46 AM   #2
J.W.
LQ Veteran
 
Registered: Mar 2003
Location: Boise, ID
Distribution: Mint
Posts: 6,642

Rep: Reputation: 87
You probably want to post this question over in the Security forum. Ask the moderator to move it there, and you probably will get the answer you seek. -- J.W.
 
Old 06-10-2004, 03:50 AM   #3
XavierP
Moderator
 
Registered: Nov 2002
Location: Kent, England
Distribution: Debian Testing
Posts: 19,192
Blog Entries: 4

Rep: Reputation: 475Reputation: 475Reputation: 475Reputation: 475Reputation: 475
Moved: This thread is more suitable in Linux-Security and has been moved accordingly to help your thread/question get the exposure it deserves.
 
Old 06-10-2004, 05:30 PM   #4
Kroppus
Member
 
Registered: Aug 2003
Location: Norway
Distribution: Debian UNSTABLE + latest 2.6.kernel
Posts: 391

Rep: Reputation: 30
I think that's just another way to scam you for a valid e-mail, with username and password.
I've gotten a few of them on my yahoo account..

you'd better take a look at www.rootexploit.org
there's bound to be something about it there
 
Old 06-10-2004, 06:35 PM   #5
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 76
Usually links with embedded object or handler tags are Windows-specific exploits (the cid:). Nothing really to worry about if you're not using Windows, but just remember to not click on links in e-mail.

Edit: Oh, looking at it again (with inbox/read.php stuff) it's probably a Squirrelmail Cross Site Scripting (XSS) attack. There have been several recent vulnerabilities in Squirrelmail. So my first advice was very relevant: don't click links in e-mail!.

Last edited by chort; 06-10-2004 at 06:37 PM.
 
Old 06-11-2004, 02:00 PM   #6
benjithegreat98
Senior Member
 
Registered: Dec 2003
Location: Shelbyville, TN, USA
Distribution: Fedora Core, CentOS
Posts: 1,019

Rep: Reputation: 45
This is more that likely the Netsky virus (may have been one of the other big ones.... I don't really feel like verifying that). This is just one of the fun messages that you get in your inbox because of it. Like you've heard a million times: Don't open the attachment (in this case link)
 
Old 06-11-2004, 07:16 PM   #7
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 76
Actually, benji is right. I looked it up and it is indeed NetSky.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Pentesting with an exploit RIB-EYE Linux - Security 1 10-27-2005 05:24 PM
FTP exploit? phatboyz Linux - Security 5 10-18-2004 01:56 PM
EXPLOIT programmin darkseed2g3 Linux - Security 7 10-19-2003 10:31 AM
|more exploit Benamoz Linux - General 3 09-03-2003 05:59 AM
Serv-u v4.0 exploit??? pk21 Linux - Security 2 07-24-2002 05:01 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 07:57 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration