I am vulnerable ^^

Discussion in 'malware problems & news' started by dorgane, Apr 22, 2009.

Thread Status:
Not open for further replies.
  1. dorgane

    dorgane Registered Member

    Joined:
    Oct 17, 2007
    Posts:
    362
    hi,
    i test in this url :
    http://www.finjan.com/Content.aspx?id=577

    Ddos :


    VBDemo :

    and others...
     
  2. SmackyTheFrog

    SmackyTheFrog Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    767
    Location:
    Lansing, Michigan
    That is more an issue with applications having outstanding vulnerabilities that need to be patched. Why would the AV scanner detect this when nothing malicious is happening?
     
  3. dorgane

    dorgane Registered Member

    Joined:
    Oct 17, 2007
    Posts:
    362
    ooooo

    powned...
    hacked.JPG

    use eset smart security 4.0.417...
     
  4. dorgane

    dorgane Registered Member

    Joined:
    Oct 17, 2007
    Posts:
    362
    I use IE8 on xp pro with all updates (java, flash, ie8, os are patch and legal !)
     
  5. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    Hello,
    the first link says it wasnt blocked with IE8
    but when you click on run test you should have a yelllow ballon popup at the top of the window saying this website wants to install something.
    in otherwords it is blocked...
    if you accepted that warning and installed the conponant that it wanted to install its your own fault and would be in the case of a real threat.

    only works with IE because it uses activex... doesnt work with opera or anything web browser.

    while IE8 is the only browser it works with IE8 still blocks it and asks the user if they wish to install it.

    its quite funny that the one thats meant to drop a folder and a text file to the C: drive said it wasnt blocked yet nothing has appeared on C:
    i thought finjan knew what they was doing. seems i was wrong.

    all i can say is standard user account IE protected mode and UAC work very well.


    BTW what type of account do you use?
     
    Last edited: Apr 22, 2009
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    This thread would deserve moving to a completely different forum where general security and vulnerability problems are discussed.
     
  7. dorgane

    dorgane Registered Member

    Joined:
    Oct 17, 2007
    Posts:
    362
    automatic translation:
    I do not agree. When a worrm virus from msn, you accept it anyway and still protects nod32.
    I think a module: "prevention exploit" would be great!
    it would block this type of script.
     
  8. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    Lots of threats are detected heuristically through the exploits. This is not an exploit and it is not a threat, it is simply you clicking ok to a download, understand?
     
  9. BrendanK.

    BrendanK. Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    520
    Location:
    Australia
    I'm protected on IE7 :'( I have the security policy set on high by default so all of those tests are a pass for me :D
     
  10. SmackyTheFrog

    SmackyTheFrog Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    767
    Location:
    Lansing, Michigan
    So you're asking your antivirus product to surplant the security framework of a completely different application as well as somehow "patching" buffer overflows?

    That's just plain silly.
     
  11. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    This test is meaningless. Why would you run an unknown ActiveX on your machine? It's no different than running any other executable, for that matter.

    Go ahead and delete a few .sys files ... Same thing.

    Mrk
     
Loading...
Thread Status:
Not open for further replies.