Security Incidents mailing list archives
Re: recent sadmin worm
From: "Vitaly Osipov" <vosipov () wolfegroup ie>
Date: Tue, 15 May 2001 14:42:47 +0100
it's not _live_ or dead :) it's just an exploit program, and btw you have to spend some minutes to make it working (it's not that one-click microsoft malware :))) ) Anyway it's a tool, a piece to be studied. It can only become "bad" if you give it a list of addresses to deface, if _you_ put it to a machine where perl and specific modules are, and finally execute it... As I already said, I do not understand this tendency in antivirus software scanners... The funniest part is that some messages from those stupid programs contained stuff like "inappropriate language detected", not mentioning the descriptions of where they put that file - local paths, mail servers structure etc :) pretty much of information disclosed this way - I did not ever think about such a problem. ----- Original Message ----- From: "Riess, Bob" <briess () amerix com> To: "'Vitaly Osipov'" <vosipov () wolfegroup ie>; <INCIDENTS () SECURITYFOCUS COM> Sent: Tuesday, May 15, 2001 2:33 PM Subject: RE: recent sadmin worm
Vitaly, My viruswall killed the attachment to your post, as it should. It's really not a good idea to send out live malware, even with the best of intentions... -br -----Original Message----- From: Vitaly Osipov [mailto:vosipov () wolfegroup ie] Sent: Monday, May 14, 2001 11:59 am To: INCIDENTS () SECURITYFOCUS COM Subject: recent sadmin worm ****** Message from InterScan E-Mail VirusWall NT ****** ** WARNING! Attached file uniattack.zip contains: PERL_SADMIND.A virus in compressed file uniattack.pl Attempted to clean the file but it is not cleanable. It has been deleted. ***************** End of message ***************
Current thread:
- recent sadmin worm Vitaly Osipov (May 14)
- Re: recent sadmin worm Vitaly Osipov (May 15)
- Re: recent sadmin worm Ryan Russell (May 15)
- Re: recent sadmin worm Devdas Bhagat (May 15)
- Re: recent sadmin worm Nick FitzGerald (May 16)
- Re: recent sadmin worm Ryan Russell (May 15)
- <Possible follow-ups>
- Re: recent sadmin worm Vitaly Osipov (May 15)
- Re: recent sadmin worm Robert Kinsey - VIS Contractor (May 15)
- Re: recent sadmin worm Vitaly Osipov (May 15)