[Esd-l] Fw: .com file which passed thru the sanityzer
Juan Maria Gil
jmg at olinet.es
Mon Nov 24 07:37:55 PST 2003
I'm sorry, I forgot to desfigure the EICAR signature from my previous email.
Hi,
Today we have received some emails from a security test sent to us by SecurityMetrics,
eveyone of the executables were sanitized but one.
This is the significative parts of this message:
Subject: [raq550] Nessus antivirus test 4: broken MIME attachment (ISO encoding)
X-Security: MIME headers sanitized on ns1.olinet.es
See http://www.impsec.org/email-tools/sanitizer-intro.html
for details. $Revision: 1.139 $Date: 2003-09-07 10:14:23-07
Content-Type: multipart/mixed; boundary="=-=-="
Lines: 13
Sender: owner-raq550 at www.olinet.es
Precedence: bulk
Reply-To: nobody at example.com
X-Majordomo-Version: 1.94.4
X-UIDL: hfY"!eUd!!fU%#!JiH"!
--=-=-=
If you can read or execute the attachment, this means that you do not
have an antivirus, or that it was disabled.
--=-=-=
Content-Disposition: attachment; filename="eicar.=?ISO-8859-1?Q?c?= =?ISO-8859-1?Q?o?=
=?ISO-8859-1?Q?m?="
Content-Description: EICAR test file
Content-Type: application/octet-stream
*****EICAR-STANDARD-ANTIVIRUS-TEST-FILE!
--=-=-=--
Any clue?
Greetings from Spain.
Saludos.
---------------------------------------------------------------
Juan María Gil Alexandres ( jmg at olinet.es ).
OLINET, S.L. Teléfono: 952207135 - Fax: 952207600
Avda. Juan Sebastián Elcano, 39-41. 29017 Málaga.
---------------------------------------------------------------
More information about the esd-l
mailing list