[Full-disclosure] Re: Backdoor in RelevantKnowledge adware (What are wefighting for?)

From: davek_throwaway at hotmail.com (Dave "No, not that one" Korn)
Subject: [Full-disclosure] Re: Backdoor in RelevantKnowledge adware (What are wefighting for?)
Date: Tue May 30 15:20:06 2006

3APA3A wrote:

> RelevantKnowledge   was   found  to  contain  backdoor  proxy
> component
> rlvknlg.exe   (Marketscore  OSSProxy),  which  is  configured  to
> allow
> incoming  network  connections  on TCP/8254, probably acts as open
> proxy
> and  also performs keylogging and monitoring for active windows
> content.
> Component can not be disabled by user.
>
> Details (by YAG KOHHA, Lame):

Good analysis, but you're not the first:

http://www.cit.cornell.edu/computer/security/marketscore/technical.html

    cheers,
      DaveK
-- 
Can't think of a witty .sigline today....

References:
- [Full-disclosure] Backdoor in RelevantKnowledge adware (What are we fighting for?)
  - From: 3APA3A

Prev by Date: [Full-disclosure] [ MDKSA-2006:093 ] - Updated dia packages fix string format vulnerabilities.
Next by Date: [Full-disclosure] [ GLSA 200605-17 ] libTIFF: Multiple vulnerabilities
Previous by thread: [Full-disclosure] Backdoor in RelevantKnowledge adware (What are we fighting for?)
Next by thread: [Full-disclosure] [ GLSA 200605-16 ] CherryPy: Directory traversal vulnerability
Index(es):
- Date
- Thread

TechLists.org

Technical Mailing List Archives

Links

Lists

Latest Updates

[Full-disclosure] Re: Backdoor in RelevantKnowledge adware (What are wefighting for?)