BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Attack signature of new sendmail vulnerability

Subject: Attack signature of new sendmail vulnerability
From: bill at horne.net (Bill Horne)
Date: Tue, 4 Mar 2003 12:29:09 -0500

TWIMC,



From: http://www.cert.org/advisories/CA-2003-07.html

"A successful attack against an unpatched sendmail system will not leave any
messages in the system log. However, on a patched system, an attempt to
exploit this vulnerability will leave the following log message:

  'Dropped invalid comments from header address'"

The advisory doesn't say which log this message would be found in.

HTH.

Bill

--
Bill Horne
781 784-7287
I'm a LAN/WAN Specialist and I'm looking for a job. Please tell your
friends.

Follow-Ups:
- Attack signature of new sendmail vulnerability
  - From: gaf at blu.org (Jerry Feldman)

Prev by Date: Compuserve
Next by Date: Fwd: Linux guru needed to write device driver. Burlington, Massachusetts.
Previous by thread: Fwd: Linux guru needed to write device driver. Burlington, Massachusetts.
Next by thread: Attack signature of new sendmail vulnerability
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Boston Linux & Unix / webmaster@blu.org