lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <B7C2C6BA798F3C4DBDD78BEDC1F8AD5701759666@nycmb01.law.sullcrom.com>
From: dowlingg at sullcrom.com (Dowling, Gabrielle)
Subject: SoBig.F strange problem

I believe F-Prot found that 10%  of transmissions by this virus do not
include the attachment, not due to a broken variant but just doto the
coding, and my apologies if I'm not attributing credit properly,  I'm
tired and there's been a lot of e-mail.   I cann definitivey say I
learned this from someone posting on AVIEN>

G

-----Original Message-----
From: Steve Bremer [mailto:steveb@...coinc.com] 
Sent: Wednesday, August 20, 2003 9:10 AM
To: full-disclosure@...ts.netsys.com
Subject: RE: [Full-Disclosure] SoBig.F strange problem


> line). But it seems to be broken in other areas, I think I'm getting

We've noticed a few problems with it as well.  We've received a few e-
mails with one of the typical Sobig subject lines, only no 
attachment.  The attachment headers are in the e-mail, so our MUA 
thinks there is an attachment, but there is just no "body" to the 
attachment.

Either there are a few broken variants out there sending out e-mail 
without the payload, or something in-between us and the sender is 
stripping out the attachment.  It isn't our AV system, since it would 
quarantine the entire message.

Has anyone else experienced this?

Steve Bremer
NEBCO, Inc.
System & Security Administrator

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


**********************************************************************
This e-mail is sent by a law firm and contains information
that may be privileged and confidential. If you are not the 
intended recipient, please delete the e-mail and notify us 
immediately. 
***********************************************************************


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ