Re: ScanMail Message: To Recipient virus found or matched file blocking setting.

From: Blue Boar (BlueBoarat_private)
Date: Sat Mar 23 2002 - 15:12:07 PST

Next message: Tiago Halm: "RE: pure IE code injection"

Previous message: System Attendant: "ScanMail Message: To Recipient virus found or matched file blocki ng setting."
In reply to: System Attendant: "ScanMail Message: To Recipient virus found or matched file blocki ng setting."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Looks like the AV scanners are picking up the exploit method.  
I have not verified the executable attachment, nor have I
verified the exploit works.  If someone has done either, 
please post.

					BB

System Attendant wrote:
> 
> ScanMail for Microsoft Exchange has taken action on the message, please
> refer to the contents of this message for further details.
> 
> Sender = heyhey_at_private
> Recipient(s) = vuln-devat_private;
> Subject = pure IE code injection
> Scanning Time = 03/23/2002 16:09:58
> Engine/Pattern = 5.630-1025/248
> 
> Action on message:
> The attachment 4.zip contained JS_CIDEXPLOIT.B virus. ScanMail has taken the
> Deleted action.
> 
> Warning to recipient. ScanMail has detected a virus on HQ2KAX1.

Next message: Tiago Halm: "RE: pure IE code injection"
Previous message: System Attendant: "ScanMail Message: To Recipient virus found or matched file blocki ng setting."
In reply to: System Attendant: "ScanMail Message: To Recipient virus found or matched file blocki ng setting."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sat Mar 23 2002 - 15:15:46 PST