Autor: Jason W. Data: A: exim-users Assumpte: Re: [exim] Script kiddies?
On Wed, Jan 12, 2011 at 8:36 AM, Ted Cooper <eximX0902w@???> wrote:
> There is the possibility that this has become part of some script kiddie
> exploit kit now so there may be more of these attacks against servers
> running old versions. Luckily it's not very well written and falls over
> fairly quickly.
Since the exploit was published, I have seen quite a few alerts from
snort on my exim box on what I think is the attack, but I haven't
probed too deep into it:
[**] [124:1:1] (smtp) Attempted command buffer overflow: more than 512
chars [**][Classification: Attempted Administrator Privilege Gain]
[Priority: 1]
--
HTH, YMMV, HANW :)
Jason
The path to enlightenment is /usr/bin/enlightenment.