Js_realplay.j

12-25-2007

Registered User

26,240, 27

Join Date: Sep 2000

Last Activity: 1 August 2008, 3:09 PM EDT

Posts: 26,240

Thanks Given: 0

Thanked 27 Times in 26 Posts

Js_realplay.j

This exploit is hosted on a Web site and runs when a user accesses the said Web site.
It takes advantage of a known vulnerability in several versions of the media player RealPlayer that causes a stack overflow and allows the download of possibly malicious files on the affected system.
Before exploiting the abovementioned vulnerability, this exploit first checks if the affected machine is running Windows 2000 or Windows XP with Internet Explorer 6 or 7. It also checks if RealPlayer is installed on the system and what version of the player is installed to determine the first few bytes of shell code that it writes on the affected system.
Once it successfully exploits the said vulnerability, this exploit connects to a certain URL to download a malicious file which is detected by Trend Micro as PE_MUMAWOW.AO-O. As a result, malicious routines of the downloaded file may be exhibited on the affected system.

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

CipUX::CAT::Web::Module::ServerInfo(3pm) User Contributed Perl Documentation CipUX::CAT::Web::Module::ServerInfo(3pm) NAME
CipUX::CAT::Web::Module::ServerInfo - Lists all perl versions of CipUX VERSION
This document describes CipUX::CAT::Web::Module::ServerInfo version 3.4.0.3 SYNOPSIS
This CAT Web module can be used to see installed CipUX Perl module versions. DESCRIPTION
This CAT Web module can be used to see installed CipUX Perl module versions. INTERFACE
module Use this method to start the list. DIAGNOSTICS
Throws the error To use this module, please install Module::List::Pluggable! if Module::List::Pluggable is not installed. CONFIGURATION AND ENVIRONMENT
CipUX::CAT::Web::Module::ServerInfo requires no configuration files or environment variables. However it merges its configuration from CipUX::CAT::Web::Module and itself. DEPENDENCIES
Log::Log4perl CipUX::CAT::Web::Module Module::List::Pluggable INCOMPATIBILITIES
None reported. BUGS AND LIMITATIONS
No bugs have been reported. AUTHOR
Christian Kuelker "<christian.kuelker@cipworx.org>" LICENCE AND COPYRIGHT
Copyright (C) 2010, Christian Kuelker "<christian.kuelker@cipworx.org>". All rights reserved. This module is free software; you can redistribute it and/or modify it under the GNU GPL licence version 2 or any later version. DISCLAIMER OF WARRANTY
BECAUSE THIS SOFTWARE IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE SOFTWARE, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE SOFTWARE "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE SOFTWARE IS WITH YOU. SHOULD THE SOFTWARE PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR, OR CORRECTION. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE SOFTWARE AS PERMITTED BY THE ABOVE LICENCE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE SOFTWARE (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE SOFTWARE TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. perl v5.14.2 2012-12-07 CipUX::CAT::Web::Module::ServerInfo(3pm)

Malware Advisories (RSS)

Js_realplay.j

LEARN ABOUT DEBIAN

cipux::cat::web::module::serverinfo