-
February 10th, 2002, 02:48 AM
#1
AOL Instant Kiss!
My girlfriend was on the internet today and someone sent her a AOL Instant Kiss! AOL Instant Kiss is a e-mail that will steal your Screen name and password if the user click's on it the sends the information back to the Script Kiddy... This Subj: Someone has been thinking of you! < /html>< font ptsize=1>
Date: 2/9/02 2:53:18 PM Pacific Standard Time
From: ktsfr
BCC: Ezkmogrl420
AOL Insta-Kiss
Dear AOL Member
Someone thinks very highly of you and has sent you an AOL Insta-Kiss.
The AOL Insta-Kiss is a way for people to express their emotions for others
with America Online. The Insta-Kiss can be the start of a long lasting
romance
or a way to show that special someone just how much you care.
To view your AOL Insta-Kiss Click Here.
Would you like to send me or someone else a kiss?
It's easy with Love@AOL's InstaKiss.
The AOL Insta-Kiss is just one of the many cool things
you can find in Love@AOL. You have been sent an AOL Insta-Kiss
Where it says click here to view your AOL INSTANT KISS I held my cursor over the link and it said http://greetings.aol.com@209.202.218.12/al4/instant kiss so I did a scan to see who it was and this was the results
Stealth Report
Stealth report for www.angelfire.com (209.202.218.12)
Date: 2/9/02 6:05:04 PM
Scan Rule: Top 20 Scan
209.202.218.12
Host name: www.angelfire.com
Port: 80
Server: Apache/1.3.9 (Unix) FrontPage/5.0.2.2510
Server may have HTTP vulnerabilities/exposures. (12 items)
Special Request
Risk Level: High
Location: http://209.202.218.12/MSADC/..%%35%6...32/cmd.exe?/c+
IIS Unicode Vulnerability.
Special Request
Risk Level: High
Location: http://209.202.218.12/MSADC/..%%35c....32/cmd.exe?/c+
IIS Unicode Vulnerability.
Special Request
Risk Level: High
Location: http://209.202.218.12/cgi-bin/..%%35....exe?/c+dir+c:
IIS Unicode Vulnerability.
Special Request
Risk Level: High
Location: http://209.202.218.12/msadc/..%%35%6...32/cmd.exe?/c+
IIS Unicode Vulnerability.
Special Request
Risk Level: High
Location: http://209.202.218.12/msadc/..%%35c....32/cmd.exe?/c+
IIS Unicode Vulnerability.
Special Request
Risk Level: High
Location: http://209.202.218.12/pbserver/..%%3....exe?/c+dir+c:
IIS Unicode Vulnerability.
Special Request
CVE: CAN-2000-0884
Risk Level: Medium
Location: http://209.202.218.12/scripts/..%bg%...cmd.exe?/c+dir
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
Special Request
CVE: CAN-2000-0884
Risk Level: Medium
Location: http://209.202.218.12/scripts/..%bg%...cmd.exe?/c+dir
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
Special Request
CVE: CAN-2000-0884
Risk Level: Medium
Location: http://209.202.218.12/scripts/..%bg%...cmd.exe?/c+dir
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
Special Request
CVE: CAN-2000-0884
Risk Level: Medium
Location: http://209.202.218.12/scripts/..%cg%...cmd.exe?/c+dir
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
Special Request
CVE: CAN-2000-0884
Risk Level: Medium
Location: http://209.202.218.12/scripts/..%t0%...cmd.exe?/c+dir
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
Special Request
CVE: CAN-2000-0884
Risk Level: Medium
Location: http://209.202.218.12/scripts/..%t0%...cmd.exe?/c+dir
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
How can I get this guy to stop sending mail to my AOL ACCOUNTS!I called AOL they did nothing ...
I put the changed all the privacy settings high.
-
February 10th, 2002, 02:52 AM
#2
You need to call Angelfire dude and report the account "al4" for doing this. They should be prompt and suspend it. AOL has nothing to do with this guy.
-
February 10th, 2002, 02:53 AM
#3
Oh, you could also forward the email, if it is from a fellow AOL member, to screenname "TOSSPAM" They'll take care of it if he/she has AOL service.
-
February 10th, 2002, 02:54 AM
#4
Wow... Where did you do that scan?
-
February 10th, 2002, 02:55 AM
#5
-
February 10th, 2002, 02:58 AM
#6
ac1dsp3ctrum
Wow... Where did you do that scan?
I used the program Stealth 2.0
very tight!
-
February 10th, 2002, 02:59 AM
#7
Stealth is a really kool prog. I've used it many times before.
-
February 10th, 2002, 03:02 AM
#8
If you go to www.neworder.box.sk you can get Advanced Administration Tools this is pretty tight to.
-
February 10th, 2002, 03:10 AM
#9
I think this scam is the one where you have to goto the 'Insta Kiss' site. Then enter your screen name and password to find out who sent you the alledged kiss.
Now if your dumb enough to give your screen name AND password to someone, well maybe you deserve the tag 'idiot' or '*******'.
-
February 10th, 2002, 03:14 AM
#10
the_g_nee: But it's his girlfriend he's talking about, not him...she might not be too internet/security-literate.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|