<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Bugtraq: CoDeX-W0rm - what happened here?

CoDeX-W0rm - what happened here?

From: Chuck Rock <carock_at_epcusa.com>
Date: Sun, 1 Feb 2004 14:09:15 -0600 (CST)

One of my stupid Windows servers has been hacked, and was running Serv-U
FTP with a login message of "This Pubstro Hacked By Mediax!"

I found what Pubstro's are, but when searching through the files in the
Serv-U folder, I found this in the install.log

CoDeX-W0rm has infiltrated the system succesfully!

I did a search on Yahoo and SecurityFocus, and could not find any results
for this.

Does anyone have any idea what this worm is, or with the info I've given
you, how they got into my system. This happened around Dec 27th 2003, and
I just found it :-(

Thanks,
Chuck Rock
Received on Feb 03 2004

This message: [ Message body ]
Next message: Marco Marabelli: "sqwebmail web login"
Previous message: Martin: "Re: Oracle toplink mapping workbench password algorithm"
Next in thread: Michael Marziani: "RE: CoDeX-W0rm - what happened here?"
Reply: Michael Marziani: "RE: CoDeX-W0rm - what happened here?"
Reply: Charley Hamilton: "Re: CoDeX-W0rm - what happened here?"
Reply: James C Slora Jr: "RE: CoDeX-W0rm - what happened here?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos