Author: Robert Hyatt
Date: 15:46:08 07/29/98
Go up one level in this thread
On July 29, 1998 at 13:29:26, Tom Kerrigan wrote: >I'm not sure if our facts are straight or if we're talking about two different >viruses here... > >I heard just recently that Navigator and Explorer run bits of code associated >with e-mail file attachments, and somebody managed to put a virus in this >format. > >The easy fix is to delete messages from strangers that have files attached. >*Don't* look at the messages, of course. Netscape and MS are working on better >fixes (they may have posted something already)... > >Cheers, >Tom > the problem I have heard of, via CERT, by the way, is that it is possible to send someone an email, with a *long* subject line. This subject line is read with a "gets()" C call, which doesn't protect against buffer overrun. Someone has exploited this by making a very long subject line, and on the end they appended some hex codes for assembly language instructions that can do damage to the machine, if it is an x86 machine and if it is running win95/98 only, apparently. There is a formal notice/announcement on Netscape's web site... >On July 29, 1998 at 13:00:16, Robert Hyatt wrote: > >>On July 29, 1998 at 10:42:56, Tom Kerrigan wrote: >> >>>How do people know so much about this virus and not know how to remove it? >>>I mean, you know when it goes off, you know it has some sort of counter, you >>>know how it reproduces, etc. >>>I think you've been had. >> >>actually this one is real... but it only affects one platform, and is based >>on those that read email via netscape, or internet explorer, or one other >>browser. It takes advantage of someone using the "gets()" input function >>which has always been a problem due to no way of specifying buffer length. >> >>Apparently an email, with a *very long* subject line, can cause problems in a >>netscape reader. If you run unix, don't sweat it. If you run NT, don't sweat >>it. If you run win95, you should visit netscape and get their fix for this. In >>unix such a thing might clobber your user files for a user that reads mail like >>this, *if* the virus was written for unix. But it appears to be a windows only >>one, so everything else is safe. NT has file security so again it might zap a >>user's files, but no one elses and no system files... >> >> >> >> >>> >>>Cheers, >>>Tom >>> >>>On July 29, 1998 at 10:15:19, Fernando Villegas wrote: >>> >>>>Hi all: >>>>I just has been warned, one minute ago, that a virus created in Argentina was >>>>introduced in the email server of the three most important internet servers of >>>>Chile and this one has been dispersed each time one of us has used the email >>>>service. The virus will launch 31 julio and it is murderous. It destroy >>>>everything. The warning was given by a known argentinian gropup of reasearch and >>>>has been taken seriously here. Until now no remedy is known, except to avoid use >>>>the computer that date. Changing the date in the computer is not enough; the >>>>virtus has its own time counter. So, any guy here that has received an email >>>>from me in the last week or so, -you, Steven, for certain, Bruce Moreland, Don >>>>dailey, Moritz, etc- please take a look at this warning. I know sometimes theses >>>>are fake warning, but this seems to be the real thing. Normal antivuiruis >>>>programs does not detect less destroy it. Anything new I know about this I will >>>>commmunicate before of after that date. I will not take risk. >>>>Fernando
This page took 0 seconds to execute
Last modified: Thu, 15 Apr 21 08:11:13 -0700
Current Computer Chess Club Forums at Talkchess. This site by Sean Mintz.