Full Disclosure mailing list archives
RE: [SPAM] Fw: Joke.cpl ???
From: "Todd Towles" <toddtowles () brookshires com>
Date: Fri, 29 Oct 2004 09:45:57 -0500
We have had this talk on FD before...just search for AV Naming in the archives....fun stuff.
-----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Hugo van der Kooij Sent: Friday, October 29, 2004 7:54 AM To: Full-Disclosure () lists netsys com Subject: Re: [SPAM] Fw: [Full-disclosure] Joke.cpl ??? On Fri, 29 Oct 2004, Daniel Bachfeld wrote:So far we have Bagle AQ, AT, AU, AY and BB for the same worm More proposals? This is the biggest divergence i've seen the last months.Is there anyreason, why the vendors could not agree on one name? Wealready haveCVE-entries and Bugtraq-IDs for vulnerabilities.So far I noticed at least two distinct files which were detected as W32/Bable.AP@mm (F-Prot) or Worm.Bagle.AT (ClamAV). Now I get freash trash Which is decoded as W32/Bagle.AQ@mm (F-Prot) or Worm.Bagle.AX (ClamAV). I am under the impression it is not a single infection. But I share your sense of utter confusion. To which the people of ClamAV have contributed way too much. (Noticed their 'SomeFool'series?) Hugo. -- I hate duplicates. Just reply to the relevant mailinglist. hvdkooij () vanderkooij org http://hvdkooij.xs4all.nl/ Don't meddle in the affairs of magicians, for they are subtle and quick to anger. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: [SPAM] Fw: Joke.cpl ??? Todd Towles (Oct 29)