formmail.pl - What hack is this?
Anyone hear of some sort of a cracking method that uses cgi-bin/formmail? I've seen a lot of these in my httpd/access_log files lately. I don't have formmail.pl anywhere on my system - I flushed all of the cgi-bin stuff that came with apache a long time ago.

John
On Sun, 27 Jan 2002, John Palmer (NANOG Acct) wrote:
Anyone hear of some sort of a cracking method that uses cgi-bin/formmail? I've seen a lot of these in my httpd/access_log files lately. I don't have formmail.pl anywhere on my system - I flushed all of the cgi-bin stuff that came with apache a long time ago.

Search first next time: http://www.google.com/search?hl=en&q=formmail+exploit&btnG=Google+Search

andy
--
PGP Key Available at http://www.tigerteam.net/andy/pgp
On Sun, Jan 27, 2002 at 08:54:42PM -0600, John Palmer (NANOG Acct) wrote:
Anyone hear of some sort of a cracking method that uses cgi-bin/formmail? I've seen a lot of these in my httpd/access_log files lately. I don't have formmail.pl anywhere on my system - I flushed all of the cgi-bin stuff that came with apache a long time ago.

Spammers use it for sending spam. Early versions of FormMail didn't do any input checking and could be used to send mail to any recipient.

-j

-----Original Message-----
From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of John Palmer (NANOG Acct)
Sent: Sunday, January 27, 2002 9:55 PM
To: nanog@merit.edu
Cc: 'BSDI users List'
Subject: formmail.pl - What hack is this?

Anyone hear of some sort of a cracking method that uses cgi-bin/formmail? I've seen a lot of these in my httpd/access_log files lately. I don't have formmail.pl anywhere on my system - I flushed all of the cgi-bin stuff that came with apache a long time ago.
John
A quick search at securityfocus.org reveals that there were a couple of formmail security problems and loopholes that spammers used, dating back to last year. Here's a link to an email in the archive on securityfocus.org that has a brief synopsis: http://www.securityfocus.org/archive/1/193497

Hope this helps,
Tim
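As an added example (not part of the thread), a small Python scanner for the kind of access_log entries described in the question: it groups requests for formmail-style script names by client and separates probes that got an error from ones the server answered. The log lines and addresses are constructed samples, and the script-name pattern is an assumption; `recipient` is the FormMail form field that carries the destination address.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Apache Common Log Format: host ident user [time] "request" status bytes
CLF = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) \S+'
)
# Assumed name variants: formmail, formmail.pl, FormMail.cgi (any case)
FORMMAIL = re.compile(r'/formmail(\.(pl|cgi))?$', re.IGNORECASE)

def scan(lines):
    """Return {client: {"hits": n, "answered": bool, "recipients": set}}."""
    report = defaultdict(
        lambda: {"hits": 0, "answered": False, "recipients": set()})
    for line in lines:
        m = CLF.match(line)
        if not m:
            continue  # not a CLF line, skip it
        url = urlsplit(m["target"])
        if not FORMMAIL.search(url.path):
            continue
        entry = report[m["host"]]
        entry["hits"] += 1
        # Heuristic: a 2xx status suggests a script really exists at that
        # path and should be audited; 404 means the probe found nothing.
        if m["status"].startswith("2"):
            entry["answered"] = True
        # Addresses the client asked the script to mail (GET requests only;
        # POST bodies are not recorded in the access log).
        entry["recipients"].update(parse_qs(url.query).get("recipient", []))
    return dict(report)

# Constructed sample lines using documentation address ranges
SAMPLE = [
    '192.0.2.10 - - [27/Jan/2002:20:11:02 -0600] "GET /cgi-bin/formmail.pl HTTP/1.0" 404 287',
    '192.0.2.10 - - [27/Jan/2002:20:11:03 -0600] "GET /cgi-bin/FormMail.cgi'
    '?recipient=someone@example.com&subject=test HTTP/1.0" 404 289',
    '198.51.100.7 - - [27/Jan/2002:20:15:40 -0600] "POST /cgi-bin/formmail HTTP/1.0" 200 512',
    '203.0.113.5 - - [27/Jan/2002:20:16:00 -0600] "GET /index.html HTTP/1.0" 200 1024',
]

if __name__ == "__main__":
    for client, info in sorted(scan(SAMPLE).items()):
        state = "ANSWERED, audit this script" if info["answered"] else "probe only"
        print(client, info["hits"], state, sorted(info["recipients"]))
```

A client that only ever receives 404s, as in the original question, is scanning for a script that is not installed; any 2xx answer is the case worth following up.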
participants (4)
- Andy Walden
- Jeff Wasilko
- John Palmer (NANOG Acct)
- Tim Irwin