BleepingComputer.com: Backdoor.Hesive - Zero Day MS Access Exploit

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Backdoor.Hesive - Zero Day MS Access Exploit

#1 User is offline   harrywaldron 

  • Security Reporter
  • PipPipPipPip
  • Find Topics
  • Group: Members
  • Posts: 509
  • Joined: 10-April 04
  • Gender:Male
  • Location:Roanoke, Virginia

  Posted 28 September 2005 - 08:39 AM

Please be careful with all email messages containing Microsoft Access attachments. This new exploit capitalizes on an unpatched MS Jet Engine vulnerability that creates a compromise to system security until the virus is removed

Backdoor.Hesive - 0 Day MS Access Jet Engine Exploit
http://secunia.com/virus_information/21954/hesive/

Backdoor.Hesive is a Trojan horse that opens a back door on the compromised computer and allows a remote attacker unauthorized access. The Trojan may arrive as a Microsoft Access file that exploits the Microsoft Jet Database Engine Malformed Database File Buffer Overflow Vulnerability (described in Bugtraq ID 12960).


Microsoft Jet Database Engine Malformed Database File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/12960/info

Solution: Currently we are not aware of any vendor-supplied patches for this issue

Allows the remote attacker the ability to perform the following actions:

List active ports
List processes, services, and threads
Download and execute remote files
Upload files
Run a system shell
Modify registry values
End processes
Get system information
Get network information
Post collected data to hostile web site

This post has been edited by harrywaldron: 28 September 2005 - 08:39 AM

Microsoft Security Journal

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users