Re: [exim] Script kiddies?

Pàgina inicial
Delete this message
Reply to this message
Autor: Jason W.
Data:  
A: exim-users
Assumpte: Re: [exim] Script kiddies?
On Wed, Jan 12, 2011 at 8:36 AM, Ted Cooper <eximX0902w@???> wrote:

> There is the possibility that this has become part of some script kiddie
> exploit kit now so there may be more of these attacks against servers
> running old versions. Luckily it's not very well written and falls over
> fairly quickly.


Since the exploit was published, I have seen quite a few alerts from
snort on my exim box on what I think is the attack, but I haven't
probed too deep into it:

[**] [124:1:1] (smtp) Attempted command buffer overflow: more than 512
chars [**][Classification: Attempted Administrator Privilege Gain]
[Priority: 1]

--
HTH, YMMV, HANW :)

Jason

The path to enlightenment is /usr/bin/enlightenment.