--On Tuesday, February 14, 2006 1:26 PM -0600 Jim McCullars
[EMAIL PROTECTED] wrote:
I believe this exploit may be fairly new, in that I could find very
little on the web about it.
http://www.google.com/search?hl=en&q=formmail+exploit&btnG=Google+Search
It's an old and well-known exploit. You
Hello,
I am new to MIMEDefang and I have one question:
I want to manipulate the headers To: and CC:, but first I
want to have the content of these headers!
Is there a variable that includes this information?
Or should I get the information from the file HEADER in the temp directory?
Thanks
On Wed, 15 Feb 2006, Kenneth Porter wrote:
It's an old and well-known exploit. You can find a secure replacement for
the old Formmail here:
I may not have been as clear about this as I should have been. This
was not an exploit against the FormMail script from Matt's Script Archive.
It
On Wed, 15 Feb 2006, Jim McCullars wrote:
You've written that you've disabled CGI --
Dunno, but I wouldn't weigh PHP more secure than general CGI?
Bye,
--
Steffen Kaiser
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
On Wed, Feb 15, 2006 at 08:54:59AM -0600, Jim McCullars wrote:
It's an old and well-known exploit. You can find a secure replacement for
the old Formmail here:
I may not have been as clear about this as I should have been. This
was not an exploit against the FormMail script from
PHP's mail() function is completely broken. It is insecure, and it is
*impossible* to make it secure unless you aggressively sanitize all your
input.
PHP is a truly horrible language (hey, I use it every day, so I should
know...) and mail() stands out as one of the worst things about it.
I
Can someone give me some pointers on
rejecting/dropping mail before it gets to
spamassassin? I'm running solaris 9, sendmail,
mimedefang and spamassassin. I'd like to block some
messages at the sendmail level since that doesn't use
much cpu/memory (I'd think most zombies, ratware,
spoofing can
Stephen Ford wrote:
Can someone give me some pointers on
rejecting/dropping mail before it gets to
spamassassin? I'm running solaris 9, sendmail,
mimedefang and spamassassin. I'd like to block some
messages at the sendmail level since that doesn't use
much cpu/memory (I'd think most
David F. Skoll wrote:
PHP's mail() function is completely broken. It is insecure, and it is
*impossible* to make it secure unless you aggressively sanitize all your
input.
PHP is a truly horrible language (hey, I use it every day, so I should
know...) and mail() stands out as one of the worst
1) Turn on the greet_pause function in sendmail - this will drop a fair
number of spammers. You can bypass this for local or trusted boxes to avoid
the delay.
2) Turn on needmailhelo - this will drop a few more
3) Use RBLs as was mentioned
4) If you have a finite number of users to service (as
Steffen Kaiser wrote:
You've written that you've disabled CGI --
Dunno, but I wouldn't weigh PHP more secure than general CGI?
With header injection attacks, it doesn't really matter whether the
target is PHP or CGI. It's a matter of how the message actually gets
sent. With PHP's mail
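The check the thread keeps coming back to, as an added example that is not code from any poster: before a form handler places a field into a mail header, reject anything that could start a new header line. The field names and sample submissions below are constructed for the illustration.

```python
"""Reject form fields that could inject extra mail headers.

Any value a form handler puts into a header line (From:, Subject:, To:)
must stay on one logical line: a CR or LF, whether raw or still
percent-encoded, would start a new header once the message reaches
mail()/sendmail. Message bodies are not checked here; newlines are
legitimate there.
"""
import re
from urllib.parse import unquote

# CR, LF and NUL are never valid inside a single header value.
_FORBIDDEN = re.compile(r"[\r\n\x00]")


def is_safe_header_value(value: str) -> bool:
    """True if the value cannot start a new header line."""
    if _FORBIDDEN.search(value):
        return False
    # Decode once so "%0D%0A" cannot slip past a later decoding layer.
    return _FORBIDDEN.search(unquote(value)) is None


def check_form(fields: dict) -> list:
    """Return the names of header-bound fields that fail the check.

    An empty list means every field is safe to put into a header.
    """
    return [name for name, val in fields.items()
            if not is_safe_header_value(val)]


# Constructed submissions (hypothetical form with "email" and "subject").
CLEAN = {"email": "alice@example.com",
         "subject": "Question about pricing"}
INJECTED = {"email": "alice@example.com\r\nX-Injected: 1",
            "subject": "hi"}
ENCODED = {"email": "alice@example.com%0D%0AX-Injected: 1",
           "subject": "hi"}

if __name__ == "__main__":
    for label, form in (("clean", CLEAN), ("raw CRLF", INJECTED),
                        ("encoded CRLF", ENCODED)):
        print(label, "->", check_form(form) or "ok")
```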
Stephen Ford wrote:
:snip:
I'd like to block some messages at the sendmail level
since that doesn't use much cpu/memory (I'd think most
zombies, ratware, spoofing can be stopped here).
:snip:
If you use a sendmail.mc file from which to build your sendmail.cf, you'll
find Phil McMahon's
Maybe this can help:
http://pear.php.net/manual/en/package.networking.net-smtp.php
HTH
Oliver
--
Oliver Schulze L.
[EMAIL PROTECTED]
Christoph wrote:
Or should I get the information from the file HEADER in the temp
directory?
The file is called ./HEADERS, and yes, you'll need to read it to get
the information. However, it's guaranteed to have one header per line
(long headers are unwrapped), so it's relatively easy to
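Reading that file is simple once one header per line is guaranteed. The following is an added example, not MIMEDefang's own code (MIMEDefang filters are Perl; Python is used here for a stand-alone illustration). It assumes each line has the form "Name: value", that names may repeat, and the HEADERS content below is constructed.

```python
"""Pull the To: and Cc: values out of a MIMEDefang-style HEADERS file.

Assumption beyond the thread: every line is "Name: value" with no
continuation lines (the thread states long headers are unwrapped).
"""
from collections import defaultdict
from email.utils import getaddresses


def parse_headers(text: str) -> dict:
    """Map lower-cased header names to their values, in file order."""
    headers = defaultdict(list)
    for line in text.splitlines():
        if not line.strip():
            continue  # tolerate a trailing blank line
        name, sep, value = line.partition(":")
        if not sep:
            continue  # not a header line; skip rather than guess
        headers[name.strip().lower()].append(value.strip())
    return dict(headers)


def recipients(headers: dict) -> list:
    """Addresses from To: and Cc:, with display names stripped.

    getaddresses() handles quoted commas that a plain split would break.
    """
    values = headers.get("to", []) + headers.get("cc", [])
    return [addr for _name, addr in getaddresses(values) if addr]


# Constructed sample HEADERS content (not from a real MIMEDefang run).
SAMPLE = (
    "Received: from mx.example.org (mx.example.org [192.0.2.10]) "
    "by mail.example.net\n"
    "From: Alice <alice@example.org>\n"
    "To: bob@example.net, \"Carol, C.\" <carol@example.net>\n"
    "Cc: dave@example.net\n"
    "Subject: Re: header question\n"
)

if __name__ == "__main__":
    hdrs = parse_headers(SAMPLE)
    print("To:", hdrs["to"])
    print("Cc:", hdrs["cc"])
    print("recipients:", recipients(hdrs))
```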
On Wed, Feb 15, 2006 at 10:05:03AM -0800, Kelson wrote:
One way you can test your own scripts for this is to create a copy of
your form and replace all your input and select elements with
textarea (even checkboxes and radio buttons). That way you can try
Or install the TamperData firefox
Speaking of which, I saw these in my logs today...
POST /xmlrpc.php HTTP/1.1 500 256
POST /blog/xmlrpc.php HTTP/1.1 500 256
POST /blog/xmlsrv/xmlrpc.php HTTP/1.1 500 256
POST /blogs/xmlsrv/xmlrpc.php HTTP/1.1 500 256
POST /drupal/xmlrpc.php HTTP/1.1 500 256
POST /phpgroupware/xmlrpc.php HTTP/1.1
On Wed, Feb 15, 2006 at 04:56:36PM -0500, David F. Skoll wrote:
Christoph wrote:
Or should I get the information from the file HEADER in the temp
directory?
The file is called ./HEADERS, and yes, you'll need to read it to get
the information. However, it's guaranteed to have one
On Wed, 2006-02-15 at 17:13 -0600, Ben Kamen wrote:
Speaking of which, I saw these in my logs today...
POST /xmlrpc.php HTTP/1.1 500 256
POST /blog/xmlrpc.php HTTP/1.1 500 256
POST /blog/xmlsrv/xmlrpc.php HTTP/1.1 500 256
POST /blogs/xmlsrv/xmlrpc.php HTTP/1.1 500 256
POST
On Wed, Feb 15, 2006 at 05:13:27PM -0600, Ben Kamen wrote:
Speaking of which, I saw these in my logs today...
POST /xmlrpc.php HTTP/1.1 500 256
Likely looking for versions not patched against this:
http://b2evolution.net/news/2005/08/31/fix_for_xml_rpc_vulnerability_again_1
I'll have to
G. Roderick Singleton wrote:
On Wed, 2006-02-15 at 17:13 -0600, Ben Kamen wrote:
Speaking of which, I saw these in my logs today...
POST /xmlrpc.php HTTP/1.1 500 256
POST /blog/xmlrpc.php HTTP/1.1 500 256
POST /blog/xmlsrv/xmlrpc.php HTTP/1.1 500 256
POST /blogs/xmlsrv/xmlrpc.php HTTP/1.1 500
Ben Kamen wrote:
I don't run PGP on this box... (laffin)
Er, that's PHP... (hey, I was one letter off... you all knew what I meant! :) )
-Ben