formmail.pl - What hack is this?

• Previous message (by thread): formmail.pl - What hack is this?
• Next message (by thread): formmail.pl - What hack is this?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In message <011601c1a7a7$22eae140$c89d05c7 at TAKA>, "John Palmer (NANOG Acct)" wr
ites:
>
>Anyone hear of some sort of a cracking method that uses cgi-bin/formmail?
>I've seen alot of these in my httpd/access_log files
>lately. I don't have formmail.pl anywhere on my system - I flushed all of
>the cgi-bin stuff that came with apache a long time ago.
>
Spammers are actively looking for such scripts to abuse to send junk mail.
See, for example, http://securitytracker.com/alerts/2001/Mar/1001108.html


		--Steve Bellovin, http://www.research.att.com/~smb
		Full text of "Firewalls" book now at http://www.wilyhacker.com

• Previous message (by thread): formmail.pl - What hack is this?
• Next message (by thread): formmail.pl - What hack is this?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]