<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Bugtraq: Re: New MyDoom variant

Re: New MyDoom variant

From: Elliott C. Bäck <ecb29_at_cornell.edu>
Date: Wed, 04 Aug 2004 15:18:58 -0400

According to Computer Associates:

"cmd
bat
com
exe
pif
scr

The attachment name may also be the e-mail address of the recipient.

The attachment could also be in a ZIP archive, and can have a "double
extension", with "doc", "txt", "htm" or "html" followed by many spaces,
then the real extension."

http://www3.ca.com/securityadvisor/virusinfo/virus.aspx?id=39711

Elliott C. Bäck
------------------------------------------
http://www.elliottback.com
http://www.rso.cornell.edu/sevenspirits/

Paul Kurczaba wrote:

>What extension does the attachment have (exe, pif, zip)?
>
>-Paul
>----- Original Message -----
>From: <albatross_at_tim.it>
>To: <bugtraq_at_securityfocus.com>
>Sent: Wednesday, August 04, 2004 9:22 AM
>Subject: New MyDoom variant
>
>
>
>
>
>
>
>
>
Received on Aug 04 2004

This message: [ Message body ]
Next message: CORE Security Technologies Advisories: "CORE-2004-0705: Vulnerabilities in PuTTY and PSCP"
Previous message: Bryan Burns: "Re: New MyDoom variant"
In reply to: Paul Kurczaba: "Re: New MyDoom variant"
Next in thread: Marc Hultquist: "Re: New MyDoom variant"
Reply: Marc Hultquist: "Re: New MyDoom variant"
Reply: Purple Pony: "Re: New MyDoom variant"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]