SV: Ruh-Roh SOBIG.G?
From: Peter Kruse (kruse_at_krusesecurity.dk)
Date: 09/26/03
- Previous message: Gabucino: "MPlayer Security Advisory #01: Remotely exploitable buffer overflow"
- In reply to: Liviu Daia: "Re: Ruh-Roh SOBIG.G?"
- Next in thread: Larry Seltzer: "RE: Ruh-Roh SOBIG.G?"
- Reply: Larry Seltzer: "RE: Ruh-Roh SOBIG.G?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'Liviu Daia'" <Liviu.Daia@imar.ro>, <bugtraq@securityfocus.com> Date: Fri, 26 Sep 2003 00:02:24 +0200
Hi,
There is no new Sobig worm here. I just ran through samples received by
the original poster and I can confirm that these are all Sobig-F
samples. The worm is known to be polymorphic which by nature will change
the size and content of the code. Nothing new here.
Kind regards // Med venlig hilsen
Peter Kruse
CSIS / Kruse Security ApS
http://www.krusesecurity.dk
- Previous message: Gabucino: "MPlayer Security Advisory #01: Remotely exploitable buffer overflow"
- In reply to: Liviu Daia: "Re: Ruh-Roh SOBIG.G?"
- Next in thread: Larry Seltzer: "RE: Ruh-Roh SOBIG.G?"
- Reply: Larry Seltzer: "RE: Ruh-Roh SOBIG.G?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
