On Thu, Oct 16, 2003 at 11:01:51PM -0400, Roberto Sanchez wrote:
stuart whittaker wrote:
file will unzip with winzip.
Since the message was HTML generated with some M$ tool I would guess that the attachment contains a virus of some sort. Maybe we are witnessing fledgling attempts at social engineering to get Linux users download and execute viruses?
Maybe I am just being paranoid. Anyone want to start a pool and take bets?
I was just thinking that since most people believe "executable attachments bad; MSWord attachments bad" the smartest thing for virus writers to do would be look for buffer exploits in apps and send docs that exploit those. What if the mere act of unzipping a zip was the attack vector? Since the Windows zip is now a DLL loaded in-process with explorer.exe, that would be the way to go.
Except that the attachment to the initial message was a .tgz, which Windows cannot handle without a third party app. Had it been a .zip, I would have immediately suspected what you said.
-Roberto
pgp00000.pgp
Description: PGP signature
