[Mailman-Users] Re: Mime Exploit found in Mailman-2.1.2 source tarball
Paul H Byerly
paul at thcwd.com
Fri Jun 13 18:22:00 CEST 2003
The file in question is a test file that contains the mime wrapper
from Nimda. The payload has been replaced with XXXX and the code is
completely inactive. I would say your virus scanner is a bit anal, as
there is zero threat from the file.
Rathan Levins wrote:
>I downloaded the Mailman 2.1.2 tarball yesterday, and ran into an issue
>with a virus scan. McAfee commandline virus scan found
>Exploit-MIME.gen, a generic MIME format "virus" that exploits the
>"Microsoft Incorrect MIME Header vulnerability". I downloaded the
>source tarball yesterday, and the virus scanner hit on it after a
>crontab job ran uvscan. Below is the output when I scanned the suspect
>file.
>
>[root at emit_server msgs]# uvscan
>/usr/local/src/mailman-2.1.2/tests/msgs/nimda.txt
>
>/usr/local/src/mailman-2.1.2/tests/msgs/nimda.txt
> Found the Exploit-MIME.gen virus !!!
<>< Paul
More information about the Mailman-Users
mailing list