[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [SPAM] Fw: [Full-Disclosure] Joke.cpl ???
- To: <Full-Disclosure@xxxxxxxxxxxxxxxx>
- Subject: RE: [SPAM] Fw: [Full-Disclosure] Joke.cpl ???
- From: "Todd Towles" <toddtowles@xxxxxxxxxxxxxxx>
- Date: Fri, 29 Oct 2004 09:45:57 -0500
We have had this talk on FD before...just search for AV Naming in the
archives....fun stuff.
> -----Original Message-----
> From: full-disclosure-admin@xxxxxxxxxxxxxxxx
> [mailto:full-disclosure-admin@xxxxxxxxxxxxxxxx] On Behalf Of
> Hugo van der Kooij
> Sent: Friday, October 29, 2004 7:54 AM
> To: Full-Disclosure@xxxxxxxxxxxxxxxx
> Subject: Re: [SPAM] Fw: [Full-Disclosure] Joke.cpl ???
>
> On Fri, 29 Oct 2004, Daniel Bachfeld wrote:
>
> > So far we have Bagle AQ, AT, AU, AY and BB for the same worm More
> > proposals?
> >
> > This is the biggest divergence i've seen the last months.
> Is there any
> > reason, why the vendors could not agree on one name? We
> already have
> > CVE-entries and Bugtraq-IDs for vulnerabilities.
>
> So far I noticed at least two distinct files which were
> detected as W32/Bable.AP@mm (F-Prot) or Worm.Bagle.AT (ClamAV).
>
> Now I get freash trash Which is decoded as W32/Bagle.AQ@mm
> (F-Prot) or Worm.Bagle.AX (ClamAV).
>
> I am under the impression it is not a single infection.
>
> But I share your sense of utter confusion. To which the
> people of ClamAV have contributed way too much. (Noticed
> their 'SomeFool'series?)
>
> Hugo.
>
> --
> I hate duplicates. Just reply to the relevant mailinglist.
> hvdkooij@xxxxxxxxxxxxxxx
> http://hvdkooij.xs4all.nl/
> Don't meddle in the affairs of magicians,
> for they are subtle and quick to anger.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html