[esa-l] Status update: Bubbleboy
John D. Hardin
jhardin at wolfenet.com
Sun Nov 14 17:11:54 PST 1999
Bubbleboy isn't that interesting; it's an embedded VBScript script
that makes use of a hole in an ActiveX control to write another
VBScript script into the user's startup folder. The sanitizer defangs
it effectively, preventing execution.
Bubbleboy source code is available via:
http://www.virusexchange.org/tally/author.html
which has a link to the website of the author, "Zulu".
--
John Hardin KA7OHZ ICQ#15735746 http://www.wolfenet.com/~jhardin/
jhardin at wolfenet.com pgpk -a finger://gonzo.wolfenet.com/jhardin
768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76
1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Monty Python's Star Trek Voyager:
A successful trans-warp experiment turns Paris and Janeway into
newts, but they get better.
...wait a minute... It's already been done...
-----------------------------------------------------------------------
3 days until Leonid meteor shower
--------------------------------------------------------------------------
To remove yourself from the Email-Security-Announce list, send a message
with the subject of "unsubscribe" to esa-l-request at spconnect.com.
More information about the esd-l
mailing list