Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re:Sircam

From: Kimberly Anne McKinnis <elf () nauticom net>
Date: Wed, 25 Jul 2001 16:14:40 -0400
From what I've read, it looks for any email addresses on the system, not

just in address books. So if webmaster@ was posted on a webpage somewhere,
that may be the cause.

This subject line is causing some peoples mail servers to reject the mail.
Somehow I doubt the real virus is actually going to send with that subject.

Tom Geldner wrote:


-----Original Message-----
From: Johnson, Greg [mailto:JohnsonG () missouri edu]



Don't let the e-mail tip-off fool you.

In our University environment we find this and related worms
spread primarily via unprotected writeable Windows shares.  It
also gets in when a user without up-to-date anti-virus
software accesses an e-mail server other than our own which
has an anti-virus filter. Bim-ba-boom!


Some of our corporate accounts have been pounded on by a particular user
on verizon.net. None of those e-mail addresses are from someone's
address book. They are all things like info@, webmaster@, postmaster@
etc. so in our case, someone seems to be trying to propogate it
deliberately.

Tom


--
kimmie mckinnis
http://www.starjewel.org
icq:186072/aol:starbreiz
Previous By Date Next
Previous By Thread Next

Current thread: