[Esd-l] Palyh worm
John D. Hardin
jhardin at impsec.org
Tue May 20 14:39:34 PDT 2003
On Tue, 20 May 2003, Kenneth Porter wrote:
> But .pi still looks like it might be an issue.
According to McAfee's writeup, the .pif -> .pi occurs at the client
due to a missing close quote. The sanitizer cleans up the closing
quote as part of header sanitizing, so this shouldn't be an issue.
--
John Hardin KA7OHZ ICQ#15735746 http://www.impsec.org/~jhardin/
jhardin at impsec.org pgpk -a jhardin at impsec.org
key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
The fetters imposed on liberty at home have ever been forged out
of the weapons provided for defense against real, pretended, or
imaginary dangers from abroad.
-- James Madison, 1799
-----------------------------------------------------------------------
532 days until the Presidential Election
More information about the esd-l
mailing list