[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] Spammer sending from httpd on our RaQ3

Subject: RE: [cobalt-users] Spammer sending from httpd on our RaQ3
From: "Andy Brown" <andy.brown@xxxxxxxxxxxxx>
Date: Wed Dec 12 14:35:17 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

> Someone is sending spam via one of our RaQs, they've 
> apparently found a way to send mail as if it were coming from 
> the http daemon.  Not sure just how to disable this, 
> particularly in a way that the GUI won't re-enable next time 
> we add an email account.  Any ideas?  
> 



Hi,
This looks to me like a formmail.cgi vulnerability. Make sure any sites
on your server are using the most up to date version of the formmail.cgi
script
Check out: http://www.worldwidemart.com/scripts/formmail.shtml for the
update information. The new version is 1.9 and released august 3rd. I'd
advise all your raq users to update their formmail scripts if they
haven't already.

Regards,
Andy
andy@xxxxxxxxxxxxxxxxxxxxx
http://ineedlinux.info/
http://www.linuxnetworking.co.uk

Follow-Ups:
- [cobalt-users] Cannot delete sites from a RaQ4
  - From: First Hosting

Prev by Date: RE: [cobalt-users] Spammer sending from httpd on our RaQ3
Next by Date: Re: [cobalt-users] Spammer sending from httpd on our RaQ3
Previous by thread: RE: [cobalt-users] Spammer sending from httpd on our RaQ3
Next by thread: [cobalt-users] Cannot delete sites from a RaQ4

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index