Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Backdoor.Hesive - Zero Day MS Access Exploit


  • Please log in to reply
No replies to this topic

#1 harrywaldron

harrywaldron

    Security Reporter


  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:06:26 AM

Posted 28 September 2005 - 08:39 AM

Please be careful with all email messages containing Microsoft Access attachments. This new exploit capitalizes on an unpatched MS Jet Engine vulnerability that creates a compromise to system security until the virus is removed

Backdoor.Hesive - 0 Day MS Access Jet Engine Exploit
http://secunia.com/virus_information/21954/hesive/

Backdoor.Hesive is a Trojan horse that opens a back door on the compromised computer and allows a remote attacker unauthorized access. The Trojan may arrive as a Microsoft Access file that exploits the Microsoft Jet Database Engine Malformed Database File Buffer Overflow Vulnerability (described in Bugtraq ID 12960).


Microsoft Jet Database Engine Malformed Database File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/12960/info

Solution: Currently we are not aware of any vendor-supplied patches for this issue

Allows the remote attacker the ability to perform the following actions:

List active ports
List processes, services, and threads
Download and execute remote files
Upload files
Run a system shell
Modify registry values
End processes
Get system information
Get network information
Post collected data to hostile web site

Edited by harrywaldron, 28 September 2005 - 08:39 AM.


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users