Lisa,
You can find information regarding FormMail here:
http://www.securiteam.com/securitynews/Formmail_pl_Can_Be_Used_As_An_Open_Mail_Relay.html
Regards,
Bomm
Hush provide the worlds most secure, easy to use online applications - which solution
is right for you?
HushMail Secure Email
Lisa,
This one is old news. Check these out:
http://groups.google.com/groups?q=formmail+spamhl=en
http://www.google.com/search?q=formmail+spam
You can use this site to see what has already been discussed on these
newsgroups:
http://online.securityfocus.com/search
Search for formmail
Lisa Bogar disturbed my sleep to write:
Just trying to find out more information and I am surprised if it is
indeed happening why I haven't seen anything on CERT or bugtraq.
This is an old bug, so that might be why you haven't seen it. Upgrade
to the latest version of formmail (I think it's
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
You havent seen anything on bugtraq because, sorry to tell you, this is an
old vulnerability...
Apparently, from what I hear, Matt's script archive aren't the best
scripts in the world... I think there is a replacement project on
sourceforge.net...
Hi Lisa,
There is, I think, nothing special about FormMail.pl and this exploit
Any request to send mail made from the local machine is not relaying.
The request to send mail comes in via http.
the request sendmail receives is from the owner of the cgi script (local)
which may or may not be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
http://nms-cgi.sourceforge.net/
here is that link I mentioned... these are drop-in replacements for Matt's
scripts...
thanks,
shawn
On Thu, 21 Feb 2002, Lisa Bogar wrote:
Shawn,
Yep, your right. I wasn't given the complete information about
Lisa Bogar([EMAIL PROTECTED])@Wed, Feb 20, 2002 at 04:09:17PM -0700:
Just trying to find out more information and I am surprised if it is
indeed happening why I haven't seen anything on CERT or bugtraq.
Yeah, this one's real. The ISP I work for had to add an additional note
to our
On page 158 of Lincoln Stein's Web Security book, FormMail (version 1) is listed as
having a vulnerablity allowing remote users to execute commands with server
privileges. The book is rather dated (copyright 1998), but if that's the version
being run then yes, there is a published
On Wednesday 20 February 2002 05:09 pm, Lisa Bogar wrote:
Someone on campus called me yesterday inquiring about how to stop relaying
through sendmail. He thought he had configured his sendmail.cf to not
allow relaying, but then got notified he was relaying mail. Today after
some searching
Quoting Lisa Bogar ([EMAIL PROTECTED]):
www.8wire.com. Is anyone else familar with this and have you encountered
it? The logs show attacks targeted at the cgi-bin that sent out tons of
porno spam.
Your formmail.pl is a security hazard. Not only does it allow the
specification of arbitray
On Wed, Feb 20, 2002 at 04:09:17PM -0700, Lisa Bogar wrote:
Someone on campus called me yesterday inquiring about how to stop relaying
through sendmail. He thought he had configured his sendmail.cf to not
allow relaying, but then got notified he was relaying mail. Today after
some
Shawn,
Yep, your right. I wasn't given the complete information about how they
had neglected to update their code. Thanks for pointing this out. I'm
kind of wondering if some of those log entries someone else experienced
might be due to the same thing this individual incurred. I don't work
formmail.pl is a script known to be exploited by spammers in the way you
describe.
We get many hits from people searching for this script every day, even
though it does not exist on our servers.
The script should be removed, and any attemps to exploit it reported to the
exploiter's service
13 matches
Mail list logo
