Full Disclosure mailing list archives
RE: SpamAssasin - path disclosure
From: Kane Lightowler <kane.lightowler () it alstom com au>
Date: Mon, 25 Aug 2003 06:53:05 +1000
As previously explained this is not spam assassin this is Trend Micro Interscan VirusWall http://www.trendmicro.com/en/products/gateway/isvw/evaluate/overview.htm Regards, Kane Lightowler -----Original Message----- From: morning_wood [mailto:se_cur_ity () hotmail com] Sent: Sunday, 24 August 2003 4:13 PM To: full-disclosure () lists netsys com Subject: [Full-disclosure] SpamAssasin - path disclosure funny things... SpamAssassin results 1. spoof 80.179.152.112.forward.012.net.il (80.179.152.112) Whois: 80.179.152.0 - 80.179.171.255 Please Send Abuse/SPAM complaints To abuse () 012 net DNS REG 25 Hsivim st. Petach-Tiikva, Israel dnsreg () 012 net il 2. path reveal The uncleanable file details.pif is moved to /etc/iscan/virus/virZNvE0n -------------------------- snip ------------------------- Return-Path: <morning_wood () exploitlabs com> Received: (qmail 2425 invoked by uid 504); 21 Aug 2003 15:03:01 -0000 Received: from localhost (HELO iceman.incidents.org) (127.0.0.1) by 0 with SMTP; 21 Aug 2003 15:03:01 -0000 Received: (qmail 2164 invoked from network); 21 Aug 2003 15:02:30 -0000 Received: from 80.179.152.112.forward.012.net.il (HELO SKUNK) (80.179.152.112) by 0 with SMTP; 21 Aug 2003 15:02:30 -0000 From: <morning_wood () exploitlabs com> To: <intrusions-digest-subscribe () incidents org> Date: Thu, 7 Jan 1999 14:20:55 +0200 X-MailScanner: Found to be clean Importance: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MSMail-Priority: Normal X-Priority: 3 (Normal) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="_NextPart_000_0E151FE1" X-Spam-Status: Yes, hits=8.0 required=6.5 tests=AWL,DATE_IN_PAST_96_XX,FORGED_MUA_OUTLOOK, MIME_BOUND_NEXTPART,MISSING_MIMEOLE,NO_REAL_NAME, RAZOR2_CHECK version=2.53 X-Spam-Level: ******** X-Spam-Checker-Version: SpamAssassin 2.53 (1.174.2.15-2003-03-30-exp) X-Spam-Report: ---- Start SpamAssassin results 8.00 points, 6.5 required; * 0.7 -- From: does not include a real name * 2.0 -- Listed in Razor2, see http://razor.sf.net/ * 2.0 -- Date: is 96 hours or more before Received: date * 3.3 -- Forged mail pretending to be from MS Outlook * 0.5 -- Message has X-MSMail-Priority, but no X-MimeOLE * 0.4 -- Spam tool pattern in MIME boundary * -0.9 -- AWL: Auto-whitelist adjustment ---- End of SpamAssassin results X-Spam-Flag: YES Subject: *****SPAM***** Your details This is a multipart message in MIME format --_NextPart_000_0E151FE1 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit ------------------ Virus Warning Message (on the network) Found virus WORM_SOBIG.F in file details.pif The uncleanable file details.pif is moved to /etc/iscan/virus/virZNvE0n --------------------- snip --------------------------- Donnie Werner http://e2-labs.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html CONFIDENTIALITY: This e-mail and any attachments are confidential and may be privileged. If you are not a named recipient,please notify the sender immediately and do not disclose the contents to another person, use it for any purpose or store or copy the information in any medium.
Current thread:
- SpamAssasin - path disclosure morning_wood (Aug 24)
- Re: SpamAssasin - path disclosure Evert Jan van Ramselaar (Aug 24)
- <Possible follow-ups>
- RE: SpamAssasin - path disclosure Kane Lightowler (Aug 24)
- Re: SpamAssasin - path disclosure morning_wood (Aug 24)
- RE: SpamAssasin - path disclosure ViLLaN (Aug 24)
- Re: SpamAssasin - path disclosure morning_wood (Aug 24)
- RE: SpamAssasin - path disclosure ViLLaN (Aug 24)
- Interscan - path disclosure - WAS:SpamAssasin - path disclosure morning_wood (Aug 24)
- Re: Interscan - path disclosure - WAS:SpamAssasin - path disclosure Steffen Kluge (Aug 24)
- RE: Interscan - path disclosure - WAS:SpamAssasin - path disclosure Bojan Zdrnja (Aug 24)
- Re: SpamAssasin - path disclosure morning_wood (Aug 24)
- Re: SpamAssasin - path disclosure Valdis . Kletnieks (Aug 27)