RE: new pop3 exploit out?

From: James Weiler (JWEILERat_private)
Date: Mon Oct 08 2001 - 12:31:06 PDT

Next message: Seth Milder: "Re: Weird DNS scans"

Previous message: John Hall: "Re: Weird DNS scans"
Maybe in reply to: leon: "new pop3 exploit out?"
Next in thread: Miller, Toby: "RE: new pop3 exploit out?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Port 5190 is for AIM though, not ICQ i thought

-----Original Message-----
From: Alvaro Soto [mailto:cogat_private]
Sent: Saturday, October 06, 2001 12:45 PM
To: leon; incidentsat_private
Subject: RE: new pop3 exploit out?


i only know of the port 5190, is the TCP port for icq 2000x



-----Mensaje original-----
De: leon [mailto:leonat_private]
Enviado el: Viernes, 05 de Octubre de 2001 03:03 p.m.
Para: incidentsat_private
Asunto: new pop3 exploit out?


Hi all,

I keep getting scanned on various ports (the usual 80, 23, 5190? I know
it is aim but not sure why people are looking for it) upon scanning the
systems back I find that they are only running a mail server on 110
(pop3) I am sorry I do not have banners that I have grabbed or anything
but I do have ip's for ya ;)

213.245.47.41
216.220.104.180
213.112.62.68 (this one is running a multitude of services at the time
of writing)
24.29.125.76

Anyone know anything about this?  I don't really care because it is more
of an annoyance since I am not running any of the services they are
looking for (as always).

I just figured I would give the list a heads up since I found it
strange.

Cheers and have a good weekend all,

Leon


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Seth Milder: "Re: Weird DNS scans"
Previous message: John Hall: "Re: Weird DNS scans"
Maybe in reply to: leon: "new pop3 exploit out?"
Next in thread: Miller, Toby: "RE: new pop3 exploit out?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Oct 08 2001 - 14:42:58 PDT