[Esd-l] virus bypassed sanitizer
Simon Matthews
simon at paxonet.com
Thu Jan 3 16:42:01 PST 2002
I recently received a virus infected email -- Norton Antivirus identified
it as: W32.HLLW.GOP at mm.
Despite the fact that I have exe in the mangle list and *.exe in the
poisoned files, the attached virus executable (in this case
kernelsys32.exe) came though unaltered (not even mangled). The procmail log
file shows the usual 'Sanitizing MIME attachment headers'.
Anyone else seen this? Anyone want me to forward the email to them for
investigation?
Simon
More information about the esd-l
mailing list