Re: <victim>server formmail.pl exploit in the wild

From: Noel Rosenberg (nrosen04at_private)
Date: Fri Apr 12 2002 - 12:39:56 PDT

Next message: Robert Zilbauer: "RE: <victim>server formmail.pl exploit in the wild"

Previous message: mike maxwell: "Re: <victim>server formmail.pl exploit in the wild"
In reply to: Andrew Daviel: "<victim>server formmail.pl exploit in the wild"
Next in thread: Christopher X. Candreva: "Re: <victim>server formmail.pl exploit in the wild"
Reply: Christopher X. Candreva: "Re: <victim>server formmail.pl exploit in the wild"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 11 Apr 2002, Andrew Daviel wrote:

|
| I've seen an attempt to exploit FormMail.pl version 1.9 (the latest
| official version), viz.

FormMail 1.9 (and lower) is insecure and should be replaced.

see Anonymous Mail Forwarding Vulnerabilities in FormMail 1.9
http://online.securityfocus.com/archive/1/252232

-Noel


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Robert Zilbauer: "RE: <victim>server formmail.pl exploit in the wild"
Previous message: mike maxwell: "Re: <victim>server formmail.pl exploit in the wild"
In reply to: Andrew Daviel: "<victim>server formmail.pl exploit in the wild"
Next in thread: Christopher X. Candreva: "Re: <victim>server formmail.pl exploit in the wild"
Reply: Christopher X. Candreva: "Re: <victim>server formmail.pl exploit in the wild"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 12 2002 - 13:21:56 PDT