Security Incidents mailing list archives

Real-world attacks on sendmail CA-2003-07 seen

From: Bennett Todd <bet () rahul net>
Date: Fri, 7 Mar 2003 12:37:13 -0500

Just a heads-up everyone, the sendmail header parsing buffer
overflow announced this last Monday, as (among other things) CERT
CA-2003-07[1] is now being actively exploited on the internet.

We logged received msgs that triggered the truncator code this
morning at about 3 in the morning, US/Eastern; three different
attacks spread over two different MX hosts.

-Bennett

[1] <URL:http://www.cert.org/advisories/CA-2003-07.html>

Attachment: _bin
Description:

Current thread:

Real-world attacks on sendmail CA-2003-07 seen Bennett Todd (Mar 07)
- Re: Real-world attacks on sendmail CA-2003-07 seen Mike Tancsa (Mar 10)
  - Re: Real-world attacks on sendmail CA-2003-07 seen Bennett Todd (Mar 10)
    - worm/Trojans are taking advantage of default path of Windows kyle (Mar 11)
  - Re: Real-world attacks on sendmail CA-2003-07 seen Jeff Kell (Mar 10)
- Re: Real-world attacks on sendmail CA-2003-07 seen jlewis (Mar 10)
  - Re: Real-world attacks on sendmail CA-2003-07 seen Bennett Todd (Mar 10)
    - Re: Real-world attacks on sendmail CA-2003-07 seen Juan Gallego (Mar 10)
    - Re: Real-world attacks on sendmail CA-2003-07 seen gabriel rosenkoetter (Mar 11)
- <Possible follow-ups>
- Re: Real-world attacks on sendmail CA-2003-07 seen Curt Wilson (Mar 10)
- RE: Real-world attacks on sendmail CA-2003-07 seen Barry Kokotailo (Mar 10)

(Thread continues...)