Date: Tue, 15 Jun 1999 00:30:33 -0600 From: Warner Losh <imp@harmony.village.org> To: LutzRab@omc.net Cc: security@FreeBSD.ORG Subject: Re: New Attack via sendmail? Message-ID: <199906150630.AAA90548@harmony.village.org> In-Reply-To: Your message of "Mon, 14 Jun 1999 21:30:58 %2B0200." <199906141930.VAA14403@office.omc.net> References: <199906141930.VAA14403@office.omc.net>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <199906141930.VAA14403@office.omc.net> "Lutz Rabing" writes: : I've seen some pretty strange lines in syslog of one of our webservers. : : The box is running 2.2.8 with sendmail 8.9.3 and has never been out of : swap space before, in fact it's not using swap space at all under normal : conditions. Have you used gdb to get a traceback sendmail.core? Have you considered building sendmail from sources and installing that binary if you have the stripped binary installed? I've not heard of attack like this recently. Also, I'd take a look at cucipop. It may be the case that it, or something else, is eating all the memory, causing problems for sendmail, et al. 'ps auxww' should help next time this happens. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199906150630.AAA90548>