Unusual smail (SPAM mail)

What is special about this email subject:

“An unauthenticated, remote attacker could exploit it to gain root on your Solaris system.”

Well at first glace, nothing it looks legit, but believe it or not, this was used a as subject for a SPAM I received (for meds of course).

What baffles me more is the fact that this line does not appear to be written anywhere on the Internet (2 hits in Google), where did they get this text from?

  • http://peterdawson.typepad.com /pd

    once could split the title into terms correct ??

  • http://www.BeyondSecurity.com noam

    That would be kind weird, as the above subject is a coherent sentence, so I assumed it would be all “at once”.

  • Denis

    It may come from a document on the corrupted machine…

  • Gar

    Could be manpages? I assume solaris manpages aren’t all available on the internet like linux ones.

  • http://markijbema.blogspot.com/ Mark IJbema

    Well the hit on google does have an rss feed, so it could be that some spam app is parsing rss feeds and grabbing sentences from articles or something like that. I’m getting more and more of this type of spam lately.

  • ethernode

    Yup, i am recieving these new spams too, whose content is an aggregation of things i have read/discussed about.

    I guess that’s just how the spammer found my adress: on a mailing list for instance; then he takes snippets of text from the list, or just finds related info on the net (the place of origin gives him semantic context)…