I've seen an attempt to exploit FormMail.pl version 1.9 (the latest official version), viz. Tue Apr 9 15:40:50 2002 REMOTE_ADDR=172.190.98.15 REQUEST_METHOD=POST REMOTE_PORT=2768 HTTP_CACHE_CONTROL=no-cache REQUEST_URI=/cgi-bin/formmail.pl CONTENT_TYPE=application/x-www-form-urlencoded CONTENT_LENGTH=2153 Count 1 . We will show you how to not only make money online, .. subject academics NyZ0f recipient <a2888at_private>vancouver-webpages.com,<a28danat_private>vancouver-webpages.com, etc. as per http://online.securityfocus.com/archive/1/252232 I have also seen an extensive credit card fraud spam campaign aimed at AOL users exploiting the earlier vulnerability in FormMail.pl version 1.6 Andrew Daviel, TRIUMF, Canada Tel. +1 (604) 222-7376 securityat_private ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Apr 12 2002 - 08:33:02 PDT