[Esd-l] Hrmm. executable file in content-type audio/x-wav
plchoy at income.com.sg
Sun Nov 11 19:30:01 PST 2001
Here is one more entire mime with truncated attached file - last time unless
there is more variants.. though unlikely. This pif file of 65.7kB came thru
the poisoned list containing *.pif.
Received: from interscan.cyberquote.com.sg (smtp.cyberquote.com.sg
by phillip.com.sg (8.12.0.Beta16/8.12.0.Beta16) with SMTP id fAC2dLxc011564
for <plchoy at income.com.sg>; Mon, 12 Nov 2001 10:39:21 +0800
Date: Mon, 12 Nov 2001 10:39:21 +0800
Message-Id: <200111120239.fAC2dLxc011564 at phillip.com.sg>
Received: from 10.88.94.87 by interscan.cyberquote.com.sg (InterScan E-Mail
VirusWall NT); Mon, 12 Nov 2001 10:42:10 +0800
From: och at phillip.com.sg
Subject: We want peace
X-Security: MIME headers sanitized on mail
for details. $Revision: 1.130 $Date: 2001-09-08 11:40:29-07
<DEFANGED_iframe src=3Dcid:V550s78E height=3D0 width=3D0>
I'm sorry to do so,but it's helpless to say sorry.
I want a good job,I must support my parents.
Now you have seen my technical capabilities.
How much my year-salary now? NO more than $5,500.
What do you think of this fact?
Don't call my names,I have no hostility.
Can you help me?
[ Trucated frm 65.7k junk file ]
----- Original Message -----
From: "John D. Hardin" <jhardin at impsec.org>
To: "Philip Choy" <plchoy at income.com.sg>
Cc: <Esd-l at spconnect.com>
Sent: 11-Nov-2001 2:14 AM
Subject: Re: [Esd-l] Hrmm. executable file in content-type audio/x-wav comes
> On Fri, 9 Nov 2001, Philip Choy wrote:
> > Content-Type: audio/x-wav; name=Vlusg.exe
> > Content-Transfer-Encoding: base64
> > Content-ID: <R0uIhO598>
> > Hello. To my surprise, this executable file manages to go thru the
> > banned list. *.exe is in the poisoned list and exe is in mangle
> > list too. And, i m using the current version 1.1.130.
> > Any solution?
> Are those *all* of the MIME headers for that attachment?
> John Hardin KA7OHZ ICQ#15735746 http://www.wolfenet.com/~jhardin/
More information about the esd-l