[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-security] Apache problems?? Help

Subject: RE: [cobalt-security] Apache problems?? Help
From: "Bob Noordam" <mac@xxxxxxxx>
Date: Tue, 17 Feb 2004 20:06:36 +0100
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

	myserver voldemort.sinectis.com.ar - - [17/Feb/2004:06:31:53 -0500]
"POST http://200.51.38.2:25/ HTTP/1.0" 302 217 "-" "$
	myserver voldemort.sinectis.com.ar - - [17/Feb/2004:06:31:54 -0500]
"PUT http://200.51.38.2:25/ HTTP/1.0" 302 217 "-" "-"
<http://200.51.38.2:25/>

	Then in my admin email box I get Mail Delivery Subsystem messages
saying some mail I didnt sent headers as follows:


	Why does it seem that my webserver is just allowing people to spam
through it??





The PUT in the logs suggest someone is using a form script on a website to
create and send the mail for them. Many older scripts allow to be called
externaly with ALL parameters including final recipient, subject, content
etc etc etc

Bob.

References:
- [cobalt-security] Apache problems?? Help
  - From: lists

Prev by Date: RE: [cobalt-security] openssl exploitable still?
Next by Date: Re: [cobalt-security] openssl exploitable still?
Previous by thread: [cobalt-security] Apache problems?? Help
Next by thread: Re: [cobalt-security] Apache problems?? Help

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index