[PLUG] Scanning for formmail ...

Michael Rasmussen rasmussenm at columbiafunds.com
Tue Apr 2 00:23:28 UTC 2002


> From: Colin Kuskie [mailto:ckuskie at dalsemi.com]
> Is anyone else seeing URLs like this in their logs?  Has anyone heard
> about a formmail exploit, or a scanning tool that looks for it?  Also,
> if they're actually stupid enough to use a real email address that's
> potentially traceable, should I send my logs to someone who might
> arrest the little turds?

There is a problem with Formmail prior to version 1.9 which allows the
attacker to send messages to arbitrary email addresses.  This makes you the
source of their SPAM.  v1.9 was released early last August to correct this
problem.  You can read a full description at:
http://worldwidemart.com/scripts/formmail.shtml



--  
  Michael Rasmussen - Network Engineer, Columbia Management
  voice:  971-925-6723  cell:  503-807-1447  rasmussenm at columbiafunds.com
  <mailto:rasmussenm at columbiafunds.com> http://www.columbiafunds.com

NOTICE:  This communication may contain confidential or other privileged information.  If you are not the intended recipient, or believe that you have received this communication in error, please do not print, copy, retransmit, disseminate, or otherwise use the information.  Also, please indicate to the sender that you have received this email in error, and delete the copy you received.  Any communication that does not relate to official Columbia business is that of the sender and is neither given nor endorsed by Columbia.  Thank you.






More information about the PLUG mailing list