Re: [Full-Disclosure] A worm...

From: ATD (simon_at_snosoft.com)
Date: 06/26/03

  • Next message: Carsten H. Eiram: "[VulnWatch] Secunia Research: FTPServer/X Response Buffer Overflow Vulnerability" 
    To: Nexus <nexus@patrol.i-way.co.uk>
Date: 26 Jun 2003 12:19:45 -0400

    I agree with you 100% but you do realize that the challenge is to
    educate executives that do not understand, or care to understand
    security. They just "want it to work". Being an executive myself, I
    understand that mentality, but I also understand the value of knowledge.

    On Thu, 2003-06-26 at 10:59, Nexus wrote:
    > ----- Original Message -----
    > From: "Peter Kruse" <kruse@krusesecurity.dk>
    > To: <full-disclosure@lists.netsys.com>
    > Sent: Thursday, June 26, 2003 1:57 PM
    > Subject: SV: [Full-Disclosure] A worm...
    >
    > [snip]
    >
    > > malicious code inside the new rar format and spread it. I suppose itīs
    > > fairly easy to write a worm that packs itself with a random password and
    > > inserts this into a e-mail sent to the victim. This way it will pass
    > > most AV-gateway scanners since they won't have access to scan inside the
    > > zipe archive.
    >
    > In that case [the content analysis engine] should automatically quarantine
    > the attachment and await human intervention.
    > Otherwise, why bother with them at all ? It's an odd world when the
    > preferred solution is an application rather than user edumacation.
    >
    > Cheers.
    >
    > _______________________________________________
    > Full-Disclosure - We believe in it.
    > Charter: http://lists.netsys.com/full-disclosure-charter.html

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Carsten H. Eiram: "[VulnWatch] Secunia Research: FTPServer/X Response Buffer Overflow Vulnerability"