[SLUG] Vulnerability in formmail.pl

From: Smitty (a.smitty@verizon.net)
Date: Fri Sep 20 2002 - 22:33:14 EDT

Next message: Paul M Foster: "[SLUG] Batteries Plus review"
Previous message: Ronald KA4INM Youvan: "Re: [SLUG] A coincidence?"
Next in thread: Matthew Moen: "Re: [SLUG] Vulnerability in formmail.pl"
Reply: Matthew Moen: "Re: [SLUG] Vulnerability in formmail.pl"
Reply: btt@nethouse.com: "Re: [SLUG] Vulnerability in formmail.pl"
Reply: Paul M Foster: "Re: [SLUG] Vulnerability in formmail.pl"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I just got off irc and worked with a sysadmin there on a problem with
formmail.pl in apache that allows a malicious third party to use the http
daemon as a open relay.
watched the spammer spew from 205.200.3.17 to the aol domain.
Solution is to not use formmail.pl or edit it to clean up the regexs.
Smitty

Next message: Paul M Foster: "[SLUG] Batteries Plus review"
Previous message: Ronald KA4INM Youvan: "Re: [SLUG] A coincidence?"
Next in thread: Matthew Moen: "Re: [SLUG] Vulnerability in formmail.pl"
Reply: Matthew Moen: "Re: [SLUG] Vulnerability in formmail.pl"
Reply: btt@nethouse.com: "Re: [SLUG] Vulnerability in formmail.pl"
Reply: Paul M Foster: "Re: [SLUG] Vulnerability in formmail.pl"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 19:55:57 EDT