Security Incidents mailing list archives
Re: nimda subject line
From: Eric Chien <ecchien () yahoo com>
Date: Fri, 21 Sep 2001 13:13:07 -0700 (PDT)
Hello, W32.Nimda.A@mm uses random subject lines that are generated from email message bodies, filenames, and 'random junk in memory'. The 'random junk in memory' appears to be a bug on the author's part. ...Eric At 10:38 AM 9/20/2001 +0200, Thomas Roessler wrote:
On incidents.org, they write that Nimda e-mail can easily be recognized by the long, ugly, repetitive subject headers. This is not correct: Late on Sep 18, I received a Nimda-generated message with the subject line "Thank you". The payload was the same one you see
everywhere >else, with the usual four-byte variation. __________________________________________________ Do You Yahoo!? Get email alerts & NEW webcam video instant messaging with Yahoo! Messenger. http://im.yahoo.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- nimda subject line Thomas Roessler (Sep 20)
- Re: nimda subject line Thomas Roessler (Sep 20)
- <Possible follow-ups>
- Re: nimda subject line Eric Chien (Sep 21)