Bug in hotmail

[security <security () kalamiteit nl>]

hi all,
i am not a  person that posts to bugtraq really, but more a person that 
reads from it!
well the thing is, I was checking my hotmail account, as i saw an e-mail 
from an old friend of mine, i saw an attachement, so i was already in 
doubt (but i was using gentoo anyways .. so not realy affraid of 
something like that ), but when i looked at the file i saw that it was a 
zip file that had a .txt file in it .. at least .. so it seamed. after 
downloading the file and extracting it , was look ing at the file name 
which was :

tmp $ ls -l dump.
dump.txt                                                                                                                                                                           
.scr
dump.zip

weird!!!!

$ ls -l dump.txt\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ 
\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ 
\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ 
\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ 
\ \ \ \ \ \ \ \ \ \ \ \ \ \ .scr
-rw-r--r--  1 crocco users 53248 Aug 13  1985 
dump.txt                                                .scr

Ah makes more sense!!

$ file dump.txt\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ 
\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ 
\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ 
\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ 
\ \ \ \ \ \ \ \ \ \ \ \ \ .scr
dump.txt  .scr: MS-DOS executable (EXE), OS/2 or MS Windows

Funny, as i saw that i was 100% sure that it was a virus! although it 
was labeled as NO VIRUS FOUND on the hotmail site( i was thinking that 
it should be " no known viruses found") 
it was confirmed by friends of mine after i asked them to scan it for 
virusseson windows machines!

now, i can only come to 1 conclusion. the virus scanner of hotmail, does 
not check filenames as long as our file in question here!
and because many people would simply believe that it is virusfree and 
that it could again cause some new  virusrage i thaught it was pretty 
important and posted it in bugtraq!

cheers