[OT]Fake emails being as "failure to deliver"

[Norberto Quintanar]

If you get an email message similiar to the one below don't click on
it.  It's part of a malicious spammers idea to infect your computer
and get your password.  It exploits a flaw/ bug in php.  The PHP-Nuke
contains an exploitable SQL injection vulnerability that can be used
by attackers to cause the system to execute arbitrary SQL statements.

Here is a good explanation on how it works.
<http://www.karakas-online.de/EN-Book/sql-injection-with-php-nuke.html>
---message---
Subject: Mail Delivery  

If the message will not displayed automatically,
follow the link to read the delivered message.

Received message is available at:
www.yahoo.com/inbox/"Your Yahoo identity"/read.php?sessionid-XXXXX
----message----

I've read that this can affect Windoze and Mac OS, linux wasn't
listed.  I'm posting this because most of us use Windoze or OSX at
work.  



	
		
__________________________________
Do you Yahoo!?
Friends.  Fun.  Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/