Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
06-09-2004, 11:11 PM
|
#1
|
Member
Registered: Sep 2003
Distribution: SuSe
Posts: 62
Rep:
|
What exploit is this?
I have some clients getting emails with the following type link in the email:
http://www.domain.com/inbox/info/rea...essionid-29930 <cid:031401Mfdab4$3f3dL780$73387018@57W81fa70Re>
what kind of exploit is this? I used to get them too but my spam filtering kills them now.
|
|
|
06-10-2004, 01:46 AM
|
#2
|
LQ Veteran
Registered: Mar 2003
Location: Boise, ID
Distribution: Mint
Posts: 6,642
Rep:
|
You probably want to post this question over in the Security forum. Ask the moderator to move it there, and you probably will get the answer you seek. -- J.W.
|
|
|
06-10-2004, 03:50 AM
|
#3
|
Moderator
Registered: Nov 2002
Location: Kent, England
Distribution: Debian Testing
Posts: 19,192
|
Moved: This thread is more suitable in Linux-Security and has been moved accordingly to help your thread/question get the exposure it deserves.
|
|
|
06-10-2004, 05:30 PM
|
#4
|
Member
Registered: Aug 2003
Location: Norway
Distribution: Debian UNSTABLE + latest 2.6.kernel
Posts: 391
Rep:
|
I think that's just another way to scam you for a valid e-mail, with username and password.
I've gotten a few of them on my yahoo account..
you'd better take a look at www.rootexploit.org
there's bound to be something about it there
|
|
|
06-10-2004, 06:35 PM
|
#5
|
Senior Member
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
|
Usually links with embedded object or handler tags are Windows-specific exploits (the cid:). Nothing really to worry about if you're not using Windows, but just remember to not click on links in e-mail.
Edit: Oh, looking at it again (with inbox/read.php stuff) it's probably a Squirrelmail Cross Site Scripting (XSS) attack. There have been several recent vulnerabilities in Squirrelmail. So my first advice was very relevant: don't click links in e-mail!.
Last edited by chort; 06-10-2004 at 06:37 PM.
|
|
|
06-11-2004, 02:00 PM
|
#6
|
Senior Member
Registered: Dec 2003
Location: Shelbyville, TN, USA
Distribution: Fedora Core, CentOS
Posts: 1,019
Rep:
|
This is more that likely the Netsky virus (may have been one of the other big ones.... I don't really feel like verifying that). This is just one of the fun messages that you get in your inbox because of it. Like you've heard a million times: Don't open the attachment (in this case link)
|
|
|
06-11-2004, 07:16 PM
|
#7
|
Senior Member
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
|
Actually, benji is right. I looked it up and it is indeed NetSky.
|
|
|
All times are GMT -5. The time now is 07:57 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|