Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: [SPAM] Fw: Joke.cpl ???
From: Hugo van der Kooij <hvdkooij () vanderkooij org>
Date: Fri, 29 Oct 2004 14:54:16 +0200 (CEST)

On Fri, 29 Oct 2004, Daniel Bachfeld wrote:

So far we have Bagle AQ, AT, AU, AY and BB for the same worm
More proposals?

This is the biggest divergence i've seen the last months. Is there any
reason, why the vendors could not agree on one name? We already have
CVE-entries and Bugtraq-IDs for vulnerabilities.

So far I noticed at least two distinct files which were detected as
W32/Bable.AP () mm (F-Prot) or Worm.Bagle.AT (ClamAV).

Now I get freash trash Which is decoded as W32/Bagle.AQ () mm (F-Prot) or
Worm.Bagle.AX (ClamAV).

I am under the impression it is not a single infection.

But I share your sense of utter confusion. To which the people of ClamAV
have contributed way too much. (Noticed their 'SomeFool'series?)


        I hate duplicates. Just reply to the relevant mailinglist.
        hvdkooij () vanderkooij org             http://hvdkooij.xs4all.nl/
                Don't meddle in the affairs of magicians,
                for they are subtle and quick to anger.

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]