$report for <iframe> v. $report for actual virus

Dustin Baer dustin.baer at IHS.COM
Tue Oct 8 18:09:28 IST 2002 

Julian Field wrote:
>
> At 16:05 08/10/2002, you wrote:
> >MailScanner-3.23-4
>
> Can you just check I didn't fix this already in -5?

Doesn't seem to be.

Here are (most of) the syslog entries from -5:

Oct  8 11:01:18 mail2.ihs.com mailscanner[23783]: MailScanner E-Mail
Virus Scanner version 3.23-5 starting.
Oct  8 11:02:12 mail2.ihs.com mailscanner[23788]: >>> Virus
'W32/Bugbear-A' found in file ./g98H26gD023885/hosting.ppt.exe
Oct  8 11:02:12 mail2.ihs.com mailscanner[23788]: Detected
Microsoft-specific exploits in g98H26gD023885
Oct  8 11:02:12 mail2.ihs.com mailscanner[23788]: Found possible
filename hiding (hosting.ppt.exe)
Oct  8 11:02:12 mail2.ihs.com mailscanner[23788]: Found 3 viruses in
messages g98H26gD023885
Oct  8 11:02:13 mail2.ihs.com mailscanner[23788]: Saved entire message
to /var/spool/MailScanner/quarantine/20021008/g98H26gD023885
Oct  8 11:02:19 mail2.ihs.com mailscanner[23788]: Commercial disinfector
sophos returned 768
Oct  8 11:02:21 mail2.ihs.com mailscanner[23788]: >>> Virus
'W32/Bugbear-A' found in file ./g98H26gD023885/hosting.ppt.exe
Oct  8 11:02:21 mail2.ihs.com mailscanner[23788]: Found possible
filename hiding (hosting.ppt.exe)
Oct  8 11:02:21 mail2.ihs.com mailscanner[23788]: Found 2 viruses in
messages g98H26gD023885

stored.virus.message.txt says:

        At Tue Oct  8 11:02:12 2002 the virus scanner said:
           Possible Microsoft security vulnerability attack

The postmaster email from sendmail.pl says:

        MessageID: g98H26gD023885
            Report: Possible Microsoft security vulnerability attack
           Report: >>> Virus 'W32/Bugbear-A' found in file
./g98H26gD023885/hosting.ppt.exe
        Attempt to hide real filename extension (hosting.ppt.exe)

I have just downloaded the current version of the alpha release of 4, so
play with that today and see if it is different there.

Dustin

--
Dustin Baer
Unix Administrator/Postmaster
Information Handling Services
15 Inverness Way East
Englewood, CO 80112
303-397-2836

More information about the MailScanner mailing list