httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jose Correia (J)" <Corr...@telkom.co.za>
Subject RE: [users@httpd] UNSUSCRIBE
Date Thu, 24 Oct 2002 07:07:28 GMT
Hi Pierre

Rather send an email to users-unsubscribe@httpd.apache.org 

-----Original Message-----
From: Pierre [mailto:pierre@gxist.com]
Sent: 24 October 2002 08:56
To: users@httpd.apache.org
Subject: [users@httpd] UNSUSCRIBE




-----Message d'origine-----
De : Lee Grey [mailto:leegrey@mindspring.com] 
Envoyé : mercredi 23 octobre 2002 22:57
À : users@httpd.apache.org
Objet : RE: [users@httpd] JAVASCRIPT VIRII - myth? or fact?

This sounds like a bug in the Javascript interpreter.  Like Java,
Javascript
is supposed to be in a sandbox and unable to do such things.

Lee Grey
http://www.URLinOne.com

-----Original Message-----
From: J. Greenlees [mailto:jaqui@shaw.ca]
Sent: Wednesday, October 23, 2002 4:47 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] JAVASCRIPT VIRII - myth? or fact?


Anders Widman wrote:
>>Everyone:
>
>
>>>>My wife went looking for information, one page that came up
>>>
>>>actually was
>>>
>>>>a javascript virus.
>>>
>
>>That's frightening.  Does anyone have a link or something?  I've not
heard
>>of this so I'd like to read up on it.
>
>
>>>>you may want to consider not having javascript enabled, this one
>>>>actually deleted command.com ( or the nt family equivalent )
>>>>and replaced with a corrupted one.
>>>
>
>>That's not a very realistic fix.
>
>
>>>>and unfortunately, javascript will even affect a unix based
>>>
>>>computer.
>>>
>>>>if the script is coded for it.
>>>
>>>And if you are using a browser that supports manipulating files on
the
>>>filesystem.....  Remember,  most  browsers  do  not  allow  for
this,
>>>especially without prompting.
>>
>
>>Does anyone know which browser will do this with and without
prompting?
>
>
> Yes.  Microsoft  Internet  Explorer, Microsoft Outlook, MSN
Messenger,
> Microsoft  Outlook Express, Microsoft Word, Microsoft Excel.....
There
> are more.......
>
>
>> ~ Robert
>
and netscape,
my wife was running netscape 7.0
zone alarm pro ( with script blocking enabled)
Norton Antivirus 2003

it still got through.

disable javascript and search google for javascript virus
symantec had a couple of known ones.
the page that infected her was in the netherlands.
I did send an email to the isp hosting the site.

disabling javascript is the only option until the antivirus software
can
catch the javascript virii.
at least if you don't want to risk the infection.

this type of thing can be done with any scripting language, though
clientside is easier to do it with, even server side can be corrupted
like this.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message