[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] POSSIBLE ATTACK newline in string

Subject: Re: [cobalt-security] POSSIBLE ATTACK newline in string
From: "James Zawacki" <jzawacki@xxxxxxxxxxxxxx>
Date: Thu, 05 Feb 2004 07:09:51 -0600
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hello,

If I remember correct, it is a very OLD exploit in sendmail.  Well, so old that sendmail tells you that someone is trying to exploit it.  I usually don't pay much attention to them, but if it lists an IP (as yours does) I add it to my ipchains block list.

James

The following message was sent by "Simon Wilson" <simon@xxxxxxxxxxxxx> on Thu, 5 Feb 2004 11:23:49 -0000.

> Does anyone know what these are I seem to be getting quite alot of these
> at the moment?
> 
> Active System Attack Alerts
> 
> Feb 5 01:32:07 ns1 sendmail[8467]: i151W6908467: POSSIBLE ATTACK from
> [220.79.92.45]: newline in string "wcuvbpqbpv^M "
> 
> Feb 5 01:36:51 ns1 sendmail[8639]: i151ap908639: POSSIBLE ATTACK from
> cpe-68-118-242-190.ma.charter.com: newline in string "krxyjowdvq^M "
> 
> Thanks
>  
> Simon
> 





---------------------------------------------------------------
http://www.customlynx.com - Low cost web authoring and hosting!
Get your FREE E-mail address or give them out! (culymail.com)

Follow-Ups:
- Re: [cobalt-security] POSSIBLE ATTACK newline in string
  - From: Al-Juhani

Prev by Date: [cobalt-security] POSSIBLE ATTACK newline in string
Next by Date: Re: [cobalt-security] POSSIBLE ATTACK newline in string
Previous by thread: [cobalt-security] POSSIBLE ATTACK newline in string
Next by thread: Re: [cobalt-security] POSSIBLE ATTACK newline in string

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index