On Sat, 2003-08-23 at 09:43, Tim Wunder wrote:
> On Saturday 23 August 2003 9:26 am, someone claiming to be Ken Moffat wrote:
>
> > Are these Sobig viruses Outlook (Express) specific, or are other mail
> > clients, say Netscape (on Windows) or Eudora, vulnerable?
> 
> If the user clicks on the executable file attachment, regardless of mail 
> client, they can get infected. Although, I think it'll only mail itself out 
> if the user has an Outlook, or Outlook Express address book; or possibly a 
> text file containing addresses.

According to CERT.org:
"The worm requires a user to execute the malicious attachment either
manually or by using an email client that will open the attachment
automatically. Upon successful execution, the worm installs itself as
C:\%windir%\winppr.exe and also creates the file
C:\%windir%\winstt32.dat. An entry is also added to the Run registry key
so that this executable will be run upon system restart. The key
installed in
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run is
ScanX with the value "c:\winnt\winppr.exe /sinc". The program then
proceeds to scan files with certain extensions (htm, html, dbx, hlp,
mht, txt, wab) on the compromised system for valid email addresses, and
it uses an internal SMTP engine to email itself to those addresses."

Linux does not have any of the necessary structures described above
(e.g. a registry). OTOH Linux boxes could be adversely affected by a
flood of mail being generated by infected Windows client boxes. 

However, there is a pseudo registry in Wine implementations. I checked
the Wine registry files in my Red Hat 8.0 and the registry key that the
worm looks for (according to CERT) is not present. That is not to say
that the virus couldn't be modified to attack a Wine-based Linux system,
but then there is the additional hurdle of permission to modify
root-controlled files.
-- 
burns
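
The check described in the message above, as an added example that is not part of the original post: a Python sketch that searches a Wine registry file for the Run-key value and file names quoted from CERT. The text layout it parses (`[key] timestamp` headers, doubled backslashes, quoted `"name"="data"` values) and both sample registries are assumptions constructed for illustration.

```python
import re
import sys

# Indicators taken from the CERT text quoted in the message above.
RUN_KEY = r"software\microsoft\windows\currentversion\run"
IOC_VALUE_NAME = "scanx"
IOC_FILES = ("winppr.exe", "winstt32.dat")

# Assumed Wine text-registry layout: "[Key\\Path] <timestamp>" then "name"="data".
SECTION_RE = re.compile(r'^\[(.+?)\](?:\s+\d+)?\s*$')
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"\s*$')

def unescape(s):
    """Undo backslash escaping (\\\\ -> \\, \\" -> ") used in the text file."""
    return re.sub(r'\\(.)', r'\1', s)

def run_entries(reg_text):
    """Yield (name, data) string values stored under the machine Run key."""
    in_run = False
    for line in reg_text.splitlines():
        line = line.strip()
        section = SECTION_RE.match(line)
        if section:
            in_run = unescape(section.group(1)).lower() == RUN_KEY
            continue
        value = VALUE_RE.match(line) if in_run else None
        if value:
            yield unescape(value.group(1)), unescape(value.group(2))

def sobig_hits(reg_text):
    """Return Run entries matching the value name or file names CERT lists."""
    return [(name, data) for name, data in run_entries(reg_text)
            if name.lower() == IOC_VALUE_NAME
            or any(f in data.lower() for f in IOC_FILES)]

# Constructed samples, not taken from a real system.
CLEAN = r'''WINE REGISTRY Version 2
[Software\\Microsoft\\Windows\\CurrentVersion\\Run] 1061640000
"SomeTool"="c:\\windows\\tool.exe"
'''
INFECTED = CLEAN + r'''"ScanX"="c:\\winnt\\winppr.exe /sinc"
[Software\\Example] 1061640000
"Unrelated"="c:\\windows\\notepad.exe"
'''

if __name__ == "__main__":
    # Usage: python check_run_key.py <path to the Wine registry text file>
    text = open(sys.argv[1], errors="replace").read() if len(sys.argv) > 1 else INFECTED
    for name, data in sobig_hits(text):
        print(f"Run entry matches CERT description: {name} = {data}")
```
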
