/cgi-sys/formmail.pl being hijacked


ajc
03-23-2005, 04:21 PM
I am getting quite a lot of junk email that has this sort of format:

To: PgMcpY9q@forum.mydomain.com
From: PgMcpY9q@forum.mydomain.com
Subject: http://www.forum.mydomain.com/cgi-sys/formmail.pl (211.57.208.66:8080) bcc: blasterattacko@aol.comET zaYJS4bz1kM9 YSGAF7 O hhLbTZZzjPA eNQ 5OipS mJ7UvuCMkCcam9jF Yszxk8pC S EN l K SQT3 ˙FFFFCCabcdefghij.

It looks like the system script is being compromised. I found this article http://handsonhowto.com/cgi103.html that explains it a bit and it appears that even version 1.92 is insecure. How can this be stopped?