[ale] Trojan mpg123 alert

Stephen F Nicholas syssfn at panther.Gsu.EDU
Wed Jan 15 23:03:06 EST 2003 

Slap me if I read this incorrectly.  People surf the web under their root
account ?? :-(

=======================================================
| Steve Nicholas             |                        |
| Software Systems Engineer  |  A risk is not a risk  |
| Georgia State University   |  until it is taken.    | 
| snicholas at gsu.edu          |                        |
| 404-651-1062               |  BBROYGBVGW            |
=======================================================

On Wed, 15 Jan 2003, Dow Hurst wrote:

> This is a good reason to follow Bob Toxen's philosophy of working with 
> untrusted files as a separate user.  You have the power under Linux to 
> protect yourself!
> 
> Bob recommends web browsing as a separate user.  Especially if you are 
> using plugins, java, or javascript enabled.  I think ssh'ing to your 
> machine as the untrusted user to run the apps would work okay.  Or, for 
> the dual screen people, instead of running Xinerama, use two separate 
> Xservers and log in as separate users.
> Dow
> 
> 
> James P. Kinney III wrote:
> 
> >I really don't like seeing stuff like this for ANY operating system
> >platform. I especially hate seeing it for Linux systems.
> >
> >http://www.theage.com.au/articles/2003/01/15/1042520656903.html
> >
> ><cut-n-paste>
> >
> >Linux trojan starts circulating
> >January 15 2003
> >
> >
> >
> >An exploit for the Linux mpg123 mp3 player has started circulating,
> >following the release of the code for the same by the Gobbles security
> >group.
> >
> >Anti-virus software maker Symantec has christened it as
> >Trojan.Linux.JBellz.
> >
> >The trojan arrives as a malformed .mp3 file and when played with a
> >specific version of the mpg123 player, the code is executed. All the
> >files in the home directory of the current user are deleted, recursing
> >into subdirectories. 
> >
> >Symantec said version pre0.59s of the mpg123 player had been verified to
> >be vulnerable on SuSE Linux 8.0 and Slackware Linux 8.0. 
> >
> >  
> >
> 
> -- 
> __________________________________________________________
> Dow Hurst                  Office: 770-499-3428
> Systems Support Specialist    Fax: 770-423-6744
> 1000 Chastain Rd., Bldg. 12
> Chemistry Department SC428  Email:dhurst at kennesaw.edu
> Kennesaw State University         Dow.Hurst at mindspring.com
> Kennesaw, GA 30144
> *********************************
> *Computational Chemistry is fun!*
> *********************************
> 
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
> 

_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale

More information about the Ale mailing list