Date: Mon, 10 Mar 2003 10:04:56 -0600 From: "Jacques A. Vidrine" <nectar@FreeBSD.org> To: David Olbersen <dave@slickness.org> Cc: freebsd-security@freebsd.org Subject: Re: sendmail exploit in wild? Message-ID: <20030310160456.GB3720@madman.celabo.org> In-Reply-To: <20030310155043.GA86716@slickness.org> References: <20030310155043.GA86716@slickness.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Mar 10, 2003 at 07:50:43AM -0800, David Olbersen wrote: > I don't use sendmail but did get these two messages from postfix: > > Mar 9 22:47:58 bubbles postfix/smtpd[26116]: warning: unknown[62.56.175.142] > sent Message-ID: header instead of SMTP command: Message-ID: > <199b8142297b$b6bc9b9a$c2263fc2@hnayttbkseb.bu> > > Mar 9 22:47:58 bubbles postfix/smtpd[26116]: warning: unknown[62.56.175.142] > sent Message-ID: header instead of SMTP command: Message-ID: > <199b8142297b$b6bc9b9a$c2263fc2@hnayttbkseb.bu> > > I know the sendmail exploit is in the headers, does this look like it? No. The (known) sendmail problem is to do with parsing addresses that smell like `<><><><><><><><>' or similar. Cheers, -- Jacques A. Vidrine <nectar@celabo.org> http://www.celabo.org/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030310160456.GB3720>