[ale] Trojan mpg123 alert
da Black Baron
dbaron13 at atl.bellsouth.net
Thu Jan 16 23:58:17 EST 2003
Yeah, they're called "windows users"... ;-)
On Wed, 2003-01-15 at 23:03, Stephen F Nicholas wrote:
> Slap me if I read this incorrectly. People surf the web under their root
> account ?? :-(
>
> =======================================================
> | Steve Nicholas | |
> | Software Systems Engineer | A risk is not a risk |
> | Georgia State University | until it is taken. |
> | snicholas at gsu.edu | |
> | 404-651-1062 | BBROYGBVGW |
> =======================================================
>
> On Wed, 15 Jan 2003, Dow Hurst wrote:
>
> > This is a good reason to follow Bob Toxen's philosophy of working with
> > untrusted files as a separate user. You have the power under Linux to
> > protect yourself!
> >
> > Bob recommends web browsing as a separate user. Especially if you are
> > using plugins, java, or javascript enabled. I think ssh'ing to your
> > machine as the untrusted user to run the apps would work okay. Or, for
> > the dual screen people, instead of running Xinerama, use two separate
> > Xservers and log in as separate users.
> > Dow
> >
> >
> > James P. Kinney III wrote:
> >
> > >I really don't like seeing stuff like this for ANY operating system
> > >platform. I especially hate seeing it for Linux systems.
> > >
> > >http://www.theage.com.au/articles/2003/01/15/1042520656903.html
> > >
> > ><cut-n-paste>
> > >
> > >Linux trojan starts circulating
> > >January 15 2003
> > >
> > >
> > >
> > >An exploit for the Linux mpg123 mp3 player has started circulating,
> > >following the release of the code for the same by the Gobbles security
> > >group.
> > >
> > >Anti-virus software maker Symantec has christened it as
> > >Trojan.Linux.JBellz.
> > >
> > >The trojan arrives as a malformed .mp3 file and when played with a
> > >specific version of the mpg123 player, the code is executed. All the
> > >files in the home directory of the current user are deleted, recursing
> > >into subdirectories.
> > >
> > >Symantec said version pre0.59s of the mpg123 player had been verified to
> > >be vulnerable on SuSE Linux 8.0 and Slackware Linux 8.0.
> > >
> > >
> > >
> >
> > --
> > __________________________________________________________
> > Dow Hurst Office: 770-499-3428
> > Systems Support Specialist Fax: 770-423-6744
> > 1000 Chastain Rd., Bldg. 12
> > Chemistry Department SC428 Email:dhurst at kennesaw.edu
> > Kennesaw State University Dow.Hurst at mindspring.com
> > Kennesaw, GA 30144
> > *********************************
> > *Computational Chemistry is fun!*
> > *********************************
> >
> >
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://www.ale.org/mailman/listinfo/ale
> >
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
--
-------------------------------------------------------------------------
-------------------------------------------------------------------------
"Here's my family tree. As far as I can tell, my relatives were
carnival folk who were touring this place called Hiroshima in
the summer of 1945. Because they lost most of their hair, they
mostly married each other. And here I am"
-------------------------------------------------------------------------
-------------------------------------------------------------------------
(,,oBo,,)
Wylde Bill ||||
__________________________________________ http://lyst.org
http://mrpooter.sytes.net
wyldechylde at geocities.com
-------------------------------------------------------------------------
-------------------------------------------------------------------------
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list