nanog mailing list archives
Re: maybe this should be on sec focus but.
From: Gregory Hicks <ghicks () cadence com>
Date: Fri, 1 Aug 2003 11:43:10 -0700 (PDT)
It seems to come with a message attachment of "message.zip". The body of the message goes something like this: ----------------------------------------- From: Admin Sent: Friday, August 01, 2003 11:25 AM To: <user-ID> Subject: your account <some-random-string> Importance: High Hello there, I would like to inform you about important information regarding your email address. This email address will be expiring. Please read attachment for details. --- Best regards, Administrator <same-random-string-as-in-subject-line> Attachment seems to be "message.zip" ----------------------------------------- I would have sent this to the security list, but I got dropped today. Regards, Gregory Hicks
Date: Fri, 1 Aug 2003 14:27:26 -0400 From: Damian Gerow <damian () sentex net> To: "'nanog () merit edu'" <nanog () merit edu> Subject: Re: maybe this should be on sec focus but. X-GPG-Key-Id: 0xB841F142 X-GPG-Fingerprint: C7C1 E1D1 EC06 7C86 AF7C 57E6 173D 9CF6 B841 F142 Thus spake Drew Weaver (drew.weaver () thenap com) [01/08/03 14:25]:I have had like 4 users call and tell me that they're
receiving
email from admin@ourdomainname with a unidentified attachment,
possibly a
worm that exploits the new Microsoft vulnerability last week, all 4
of these
people reported that their updated this morning antivirus software
missed
it.The latest NAI definitions catch it as Exploit-Codebase (which I
*think* is
just a general catchall). We have an open ticket with F-Prot for
this, and
are currently waiting on updated definitions from them. - Damian
--------------------------------------------------------------------- Gregory Hicks | Principal Systems Engineer Cadence Design Systems | Direct: 408.576.3609 555 River Oaks Pkwy M/S 6B1 | Fax: 408.894.3479 San Jose, CA 95134 | Internet: ghicks () cadence com Never attribute to malice that which is adequately explained by ignorance or stupidity. Asking the wrong questions is the leading cause of wrong answers "The best we can hope for concerning the people at large is that they be properly armed." --Alexander Hamilton
Current thread:
- maybe this should be on sec focus but. Drew Weaver (Aug 01)
- Re: maybe this should be on sec focus but. Damian Gerow (Aug 01)
- Re: maybe this should be on sec focus but. Scott Granados (Aug 01)
- RE: maybe this should be on sec focus but. Bob German (Aug 01)
- Re: maybe this should be on sec focus but. Forrest Houston (Aug 01)
- Re: maybe this should be on sec focus but. Patrick_McAllister (Aug 01)
- Re: maybe this should be on sec focus but. Mike Tancsa (Aug 01)
- Re: maybe this should be on sec focus but. Joe Boyce (Aug 01)
- <Possible follow-ups>
- RE: maybe this should be on sec focus but. Drew Weaver (Aug 01)
- Re: maybe this should be on sec focus but. Gregory Hicks (Aug 01)