[OT]Fake emails being as "failure to deliver"
Norberto Quintanar
yellowdog-general@lists.terrasoftsolutions.com
Wed Jun 9 13:22:01 2004
If you get an email message similiar to the one below don't click on
it. It's part of a malicious spammers idea to infect your computer
and get your password. It exploits a flaw/ bug in php. The PHP-Nuke
contains an exploitable SQL injection vulnerability that can be used
by attackers to cause the system to execute arbitrary SQL statements.
Here is a good explanation on how it works.
<http://www.karakas-online.de/EN-Book/sql-injection-with-php-nuke.html>
---message---
Subject: Mail Delivery
If the message will not displayed automatically,
follow the link to read the delivered message.
Received message is available at:
www.yahoo.com/inbox/"Your Yahoo identity"/read.php?sessionid-XXXXX
----message----
I've read that this can affect Windoze and Mac OS, linux wasn't
listed. I'm posting this because most of us use Windoze or OSX at
work.
__________________________________
Do you Yahoo!?
Friends. Fun. Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/