[Dshield] new msblaster on the loose?
lists at webcrunchers.com
Wed Aug 13 20:37:12 GMT 2003
>This message was converted from multipart/signed to ascii armored
>-----BEGIN PGP SIGNED MESSAGE-----
>On Wed, 2003-08-13 at 13:46, Craig Shaw wrote:
>> Trend and Symantec have both reported a new variant.
>if anybody managed to capture one of the variants, please send it along.
>It should be fairly easy using netcat (and a tftp client to pull the
>binary, if it
>still uses tftp)
I aso want a dis-assembled ver of it as well. I'm faced with the responsibility of getting a snort rule for it ASAP.
More information about the list