oss-sec mailing list archives

Re: automated phishing email

From: Mason Loring Bliss <mason () blisses org>
Date: Mon, 6 Oct 2014 13:57:04 -0400

On Tue, Oct 07, 2014 at 04:36:20AM +1100, Dave Horsfall wrote:

Pardon me for being new here, but that looks suspiciously like a Shellshock
type of attack. Is Procmail also vulnerable to that sort of thing?


That's the question, and yes, Bash is clearly the target. What was initially
confusing me was how they expected to access Bash from that.

-- 
 Mason Loring Bliss         mason () blisses org        http://blisses.org/  
"I am a brother of jackals, and a companion of ostriches."  (Job 30 : 29)

Current thread:

automated phishing email Mason Loring Bliss (Oct 06)
- Re: automated phishing email Hanno Böck (Oct 06)
- Re: automated phishing email Dave Horsfall (Oct 06)
  - Re: automated phishing email Mason Loring Bliss (Oct 06)