Re: uuencoded Love Worm variant

From: Bennett Todd (no email)
Date: Fri May 05 2000 - 14:18:50 EDT

• Next message: Roeland Meyer (E-mail): "RE: uuencoded Love Worm variant"
• Previous message: Eric Conrad: "uuencoded Love Worm variant"
• In reply to: Eric Conrad: "uuencoded Love Worm variant"
• Next in thread: Stephen Sprunk: "Re: uuencoded Love Worm variant"
• Reply: Stephen Sprunk: "Re: uuencoded Love Worm variant"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

2000-05-05-13:44:16 Eric Conrad:
> I caught one of these uuencoded 'in the wild'. It would have
> slipped through my filters if not for the standard Subject: line.

Does anyone know for sure that the uuencoded version isn't actually
devenomed by the uuencoding? I.e. is there any known gateway that
will turn the uuencoded attachment back into the known-virulent
MIME, or any known MUA that will offer to execute the uuencoded
script with a simple click? If the user has to go out of their way
to expressly decode the thing into a file, then deliberately execute
that file, that varient of the worm won't spread like wildfire; I'm
content to let it pass.

-Bennett

• application/pgp-signature attachment: stored

• Next message: Roeland Meyer (E-mail): "RE: uuencoded Love Worm variant"
• Previous message: Eric Conrad: "uuencoded Love Worm variant"
• In reply to: Eric Conrad: "uuencoded Love Worm variant"
• Next in thread: Stephen Sprunk: "Re: uuencoded Love Worm variant"
• Reply: Stephen Sprunk: "Re: uuencoded Love Worm variant"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]