Help
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Posted 28 September 2005 - 08:39 AM
Please be careful with all email messages containing Microsoft Access attachments. This new exploit capitalizes on an unpatched MS Jet Engine vulnerability that creates a compromise to system security until the virus is removed
Backdoor.Hesive - 0 Day MS Access Jet Engine Exploit
http://secunia.com/virus_information/21954/hesive/
Backdoor.Hesive is a Trojan horse that opens a back door on the compromised computer and allows a remote attacker unauthorized access. The Trojan may arrive as a Microsoft Access file that exploits the Microsoft Jet Database Engine Malformed Database File Buffer Overflow Vulnerability (described in Bugtraq ID 12960).
Microsoft Jet Database Engine Malformed Database File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/12960/info
Solution: Currently we are not aware of any vendor-supplied patches for this issue
Allows the remote attacker the ability to perform the following actions:
List active ports
List processes, services, and threads
Download and execute remote files
Upload files
Run a system shell
Modify registry values
End processes
Get system information
Get network information
Post collected data to hostile web site
Backdoor.Hesive - 0 Day MS Access Jet Engine Exploit
http://secunia.com/virus_information/21954/hesive/
Backdoor.Hesive is a Trojan horse that opens a back door on the compromised computer and allows a remote attacker unauthorized access. The Trojan may arrive as a Microsoft Access file that exploits the Microsoft Jet Database Engine Malformed Database File Buffer Overflow Vulnerability (described in Bugtraq ID 12960).
Microsoft Jet Database Engine Malformed Database File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/12960/info
Solution: Currently we are not aware of any vendor-supplied patches for this issue
Allows the remote attacker the ability to perform the following actions:
List active ports
List processes, services, and threads
Download and execute remote files
Upload files
Run a system shell
Modify registry values
End processes
Get system information
Get network information
Post collected data to hostile web site
This post has been edited by harrywaldron: 28 September 2005 - 08:39 AM
Back to top
