Sorry, I forgot the attachments (thanks Steve). -- Saludos, -Roman PGP Fingerprint: 09BB EFCD 21ED 4E79 25FB 29E1 E47F 8A7D EAD5 6742 [Key ID: 0xEAD56742. Available at KeyServ]
--- Begin Message ---
- To: "Roman Medina-Heigl Hernandez" <roman@xxxxxxxxxxx>
- Subject: ALERT - Virus Perl/Exploit-TWiki found; an attachment/message has been quarantined
- From: "DSAVEXCHANGEUS001\(Network Associates Anti-Virus - Mailbox Agent\)" <DSAVEXCHANGEUS001@xxxxxxxxxxx>
- Date: Thu, 26 Jan 2006 09:51:58 -0500
Action Taken: An attempt to disinfect the attachment was unsuccessful, so the attachment was quarantined from the message and replaced with a text file informing the recipient of the action taken. The infected attachment has been placed in the designated quarantine folder. Please exercise extreme caution when handling the quarantined attachment To: bugtraq@xxxxxxxxxxxxxxxxx From: Roman Medina-Heigl Hernandez Sent: -268036956,29675210 Subject: TWiki exploit (search.pm / CAN-2004-1037) Attachment Details:- Attachment Name: tweaky.pl File: tweaky.pl Infected? Yes Repaired? No Virus Name: Perl/Exploit-TWiki<<winmail.dat>>
--- End Message ---
--- Begin Message ---
- To: "Roman Medina" <roman@xxxxxxxxxxx>
- Subject: ALERT - Virus JS/Exploit-CrossSite found; an attachment/message has been quarantined
- From: "DSAVEXCHANGEUS001\(Network Associates Anti-Virus - Mailbox Agent\)" <DSAVEXCHANGEUS001@xxxxxxxxxxx>
- Date: Thu, 26 Jan 2006 09:52:19 -0500
Action Taken: An attempt to disinfect the attachment was unsuccessful, so the attachment was quarantined from the message and replaced with a text file informing the recipient of the action taken. The infected attachment has been placed in the designated quarantine folder. Please exercise extreme caution when handling the quarantined attachment To: full-disclosure@xxxxxxxxxxxxxxxx From: Roman Medina Sent: 1181173308,29640727 Subject: RS-2004-1: SquirrelMail "Content-Type" XSS vulnerability Attachment Details:- Attachment Name: RS-Labs-Advisory-2004-1.txt File: RS-Labs-.txt Infected? Yes Repaired? No Virus Name: JS/Exploit-CrossSite<<winmail.dat>>
--- End Message ---
--- Begin Message ---
- To: "Roman Medina" <roman@xxxxxxxxxxx>
- Subject: ALERT - Virus JS/Exploit-CrossSite found; an attachment/message has been quarantined
- From: "DSAVEXCHANGEUS001\(Network Associates Anti-Virus - Mailbox Agent\)" <DSAVEXCHANGEUS001@xxxxxxxxxxx>
- Date: Thu, 26 Jan 2006 09:52:19 -0500
Action Taken: An attempt to disinfect the attachment was unsuccessful, so the attachment was quarantined from the message and replaced with a text file informing the recipient of the action taken. The infected attachment has been placed in the designated quarantine folder. Please exercise extreme caution when handling the quarantined attachment To: full-disclosure@xxxxxxxxxxxxxxxx From: Roman Medina Sent: -992492234,29640178 Subject: [Full-Disclosure] RS-2004-1: SquirrelMail "Content-Type" XSS vulnerability Attachment Details:- Attachment Name: RS-Labs-Advisory-2004-1.txt File: RS-Labs-.txt Infected? Yes Repaired? No Virus Name: JS/Exploit-CrossSite<<winmail.dat>>
--- End Message ---
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/