Attack signature of new sendmail vulnerability
Bill Horne
bill at horne.net
Tue Mar 4 12:29:09 EST 2003
TWIMC,
From: http://www.cert.org/advisories/CA-2003-07.html
"A successful attack against an unpatched sendmail system will not leave any
messages in the system log. However, on a patched system, an attempt to
exploit this vulnerability will leave the following log message:
'Dropped invalid comments from header address'"
The advisory doesn't say which log this message would be found in.
HTH.
Bill
--
Bill Horne
781 784-7287
I'm a LAN/WAN Specialist and I'm looking for a job. Please tell your
friends.
More information about the Discuss
mailing list