Fw: [Full-Disclosure] Joke.cpl ???

From: Daniel Bachfeld (dab_at_heise.de)
Date: 10/29/04

  • Next message: Hugo van der Kooij: "Re: [SPAM] Fw: [Full-Disclosure] Joke.cpl ???" 
    To: <Full-Disclosure@lists.netsys.com>
Date: Fri, 29 Oct 2004 14:14:48 +0200

    So far we have Bagle AQ, AT, AU, AY and BB for the same worm
    More proposals?

    This is the biggest divergence i've seen the last months. Is there any
    reason, why the vendors could not agree on one name? We already have
    CVE-entries and Bugtraq-IDs for vulnerabilities.

    Why not build up a similar database, e.g. hosted at EICAR, where the vendors
    will enter there finding and give it a name. First come, first served.

    Daniel Bachfeld
    heise Security

    ----- Original Message -----
    From: "Daniel Bachfeld" <dab@heise.de>
    To: <Full-Disclosure@lists.netsys.com>
    Sent: Friday, October 29, 2004 12:48 PM
    Subject: Re: [Full-Disclosure] Joke.cpl ???

    >
    > Bagle.bb for nai http://vil.mcafeesecurity.com/vil/content/v_129509.htm
    >
    > and Bagle.at for TM
    >
    http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_BAGLE.AT
    >
    > dab
    > heisec
    >
    > ----- Original Message -----
    > From: "Daniel Bachfeld" <dab@heise.de>
    > To: <Full-Disclosure@lists.netsys.com>
    > Sent: Friday, October 29, 2004 12:19 PM
    > Subject: Re: [Full-Disclosure] Joke.cpl ???
    >
    >
    > > It's a new Bagle-Version: Bagle.ay
    > > it starts spreading a few hours ago.
    > >
    > > Daniel Bachfeld
    > > heise Security
    > > .
    > > ----- Original Message -----
    > > From: "altmann" <patrykgod@wp.pl>
    > > To: <Full-Disclosure@lists.netsys.com>
    > > Sent: Friday, October 29, 2004 11:34 AM
    > > Subject: [Full-Disclosure] Joke.cpl ???
    > >
    > >
    > > > Hi,
    > > >
    > > > I've five mails show up in my box just today all of them
    > > > have attachments with ".cpl" after the attachment name, i.e.
    > "Price.cpl",
    > > > "Joke.cpl" (below)
    > > >
    > > >
    > >
    >
    ////////////////////////////////////////////////////////////////////////////
    > >
    /////////////////////////////////////////////////////////////////////////
    > > > Note: This is an HTML message. For security reasons, only the raw HTML
    > > code is
    > > > shown. If you trust the sender of this message then you can activate
    > > > formatted HTML display for this message by clicking here.
    > > >
    > > >
    > > > <html><body>
    > > > :))
    > > >
    > > > <br>
    > > > </body></html>
    > > > Price.cpl
    > > >
    > >
    >
    ////////////////////////////////////////////////////////////////////////////
    > >
    //////////////////////////////////////////////////////////////////////////
    > > >
    > > > Do you know something more about this virus(?) ?
    > > > (Please don't write: search for it using Google)
    > > >
    > > > P.
    > > > altmann
    > > >
    > > > _______________________________________________
    > > > Full-Disclosure - We believe in it.
    > > > Charter: http://lists.netsys.com/full-disclosure-charter.html
    > > >
    > > >
    > >
    > > _______________________________________________
    > > Full-Disclosure - We believe in it.
    > > Charter: http://lists.netsys.com/full-disclosure-charter.html
    > >
    > >
    >

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Hugo van der Kooij: "Re: [SPAM] Fw: [Full-Disclosure] Joke.cpl ???"

    Relevant Pages

    • RE: [Full-Disclosure] Re: Full Disclosure != Exploit Release
      ... Vendors just loose track of reports of ... Subject: [Full-Disclosure] Re: Full Disclosure!= Exploit Release ... > "documented" means that there is proof both of proper notification ... "I don't intend to offend, ...
      (Full-Disclosure)
    • Re: [Full-disclosure] Odays offers
      ... What do you mean 'fuck the vendors put them on fd'? ... posts to fd has a 'fuck the vendors' mind set. ... Full-Disclosure - We believe in it. ...
      (Full-Disclosure)
    • RE: [Full-Disclosure] Windoze almost managed to 200x repeat 9/11
      ... corrects and troubleshoots things vendors did incorrectly. ... On the MS puppet piece, you once again have no clue of what you speak. ... [Full-Disclosure] Windoze almost managed to 200x repeat 9/11 ... clearly m$ is involved in this incident according to the press. ...
      (Full-Disclosure)
    • Re: [Full-disclosure] test this
      ... lets sample the reaction time of vendors on this one: ... Thierry Zoller ... Full-Disclosure - We believe in it. ...
      (Full-Disclosure)
    • Re: [Full-disclosure] No one else seeing the new MS05-039 worm yet?
      ... Symantec ... > and other AV vendors have had code since then, ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ...
      (Full-Disclosure)