[thelist] Formail exploits... Fwd: 404 recorded on the IMM2004 Website
David Siedband
david at calteg.org
Tue Feb 3 15:19:02 CST 2004
The original (MSA) FormMail script is vulnerable to an exploit that
allows commands to be issued with the privileges of the web server
process. This vulnerability is commonly exploited by spammers to send
bulk e-mail, and can also lead to compromise of the host.
http://www.securityfocus.com/corporate/research/top10attacks_q1_2002.shtml
For folks interested in achieving this functionality through cgi-Perl,
there is an improved version of FormMail by the London Perl Mongers
http://nms-cgi.sourceforge.net/
--
David
On Feb 3, 2004, at 12:30 AM, John C Bullas wrote:
> Colleagues
>
> As neither a user of cgi-bins (I rename them) nor formmail (I use BFormMail)
> these don't worry me.. should they if I had got formmail in a cgi-bin?
>
> what could this (virus driven?) exploit do?
>
> FB
>
>
>> Tue Feb 3 2004 7:23:30 am GMT
>>
>> 213.139.131.18 tried to load www.imm2004.org/cgi-bin/FormMail.cgi
>>
>> User Agent =
>>
>> Referring URL:
>>
>> http://www.imm2004.org/
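As an added example (not part of the original thread), a small Python triage for 404 notifications in the format quoted above: it flags requests for FormMail script names and records whether the User-Agent was blank. The script-name pattern, the function names and the second sample report are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: script basenames treated as FormMail probes; extend for your site.
FORMMAIL_RE = re.compile(r"^formmail(\.(cgi|pl))?$", re.IGNORECASE)
HIT_RE = re.compile(r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3}) tried to load (?P<target>\S+)$")

def parse_reports(text):
    """Parse 404 notification text into one dict per reported request."""
    reports, current, pending = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = HIT_RE.match(line)
        if m:
            current = {"ip": m["ip"], "target": m["target"],
                       "user_agent": "", "referrer": ""}
            reports.append(current)
            pending = None
        elif current is None:
            continue  # timestamp before the first report
        elif line.startswith("User Agent ="):
            current["user_agent"] = line.split("=", 1)[1].strip()
            pending = None
        elif line.startswith("Referring URL:"):
            current["referrer"] = line.split(":", 1)[1].strip()
            # The value may sit on the following line, as in the quoted report.
            pending = None if current["referrer"] else "referrer"
        elif pending and line.startswith(("http://", "https://")):
            current[pending], pending = line, None
        else:
            pending = None  # e.g. the next report's timestamp
    return reports

def triage(text):
    """Return only the reports whose requested script name looks like FormMail."""
    findings = []
    for r in parse_reports(text):
        name = urlsplit("//" + r["target"]).path.rsplit("/", 1)[-1]
        if FORMMAIL_RE.match(name):
            findings.append({**r, "blank_user_agent": r["user_agent"] == ""})
    return findings

# First report is the one quoted in the thread; the second is constructed.
SAMPLE = """Tue Feb 3 2004 7:23:30 am GMT\n\n213.139.131.18 tried to load www.imm2004.org/cgi-bin/FormMail.cgi\n
User Agent =\n\nReferring URL:\n\nhttp://www.imm2004.org/\n\nTue Feb 3 2004 7:25:02 am GMT\n
192.0.2.10 tried to load www.imm2004.org/favicon.ico\n\nUser Agent = Mozilla/5.0\n\nReferring URL:\n"""

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f)
```

A 404 on these paths means the script was not found at that location; a hit that returns the script itself is the case that calls for replacing it, for example with the NMS version mentioned above.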