Security Incidents mailing list archives

Re: Possible Mail server compromise ?

From: Michael Loftis <mloftis () wgops com>
Date: Wed, 13 Feb 2008 02:55:16 -0700

--On February 13, 2008 12:41:28 AM +0100 "Faas M. Mathiasen"<faas.m.mathiasen () googlemail com> wrote:


<...>

Is anybody aware if this is common knowledge? Who else has seen such
an attack ? Are you monitoring your mail servers for such compromises
regularly? The name of the Anti-Virus scanner will not be told,
exploit might be available up on request, as soon as we analyzed it
for content that might reveal specifics
about us.

clamav has known vulnerabilities in past versions, FYI. But as for "commonknowledge" one can only answer that if one knows what AV software you'reseeing the issue with. Upgrade to the latest version first, see if it'sstill reproducible. Also submit the malware to the AV vendor (or authors)


<...>

Current thread:

RE: Possible Mail server compromise ?, (continued)
- RE: Possible Mail server compromise ? Worrell, Brian (Feb 04)
- Re: Possible Mail server compromise ? Jon R. Kibler (Feb 04)
  - Re: Possible Mail server compromise ? Tony Maupin (Feb 04)
    - Re: Possible Mail server compromise ? Faas M. Mathiasen (Feb 04)
    - Re: Possible Mail server compromise ? Valdis . Kletnieks (Feb 05)
- Message not available
  - Re: Possible Mail server compromise ? Faas M. Mathiasen (Feb 04)
    - Message not available
    - Re: Possible Mail server compromise ? Faas M. Mathiasen (Feb 04)
    - Re: Possible Mail server compromise ? Gary Baribault (Feb 04)
    - Re: Possible Mail server compromise ? Faas M. Mathiasen (Feb 04)
- Re: Possible Mail server compromise ? Faas M. Mathiasen (Feb 12)
  - Re: Possible Mail server compromise ? Michael Loftis (Feb 13)
  - Re: Possible Mail server compromise ? Jon Oberheide (Feb 13)
  - Re: Possible Mail server compromise ? Faas M. Mathiasen (Feb 19)
    - Re: Possible Mail server compromise ? Bob Toxen (Feb 19)
    - Re: Possible Mail server compromise ? Faas M. Mathiasen (Feb 19)
    - Re: Possible Mail server compromise ? Valdis . Kletnieks (Feb 20)
    - Re: Possible Mail server compromise ? Bob Toxen (Feb 20)
    - Re: Possible Mail server compromise ? Faas M. Mathiasen (Feb 20)
    - Re: Possible Mail server compromise ? Eygene Ryabinkin (Feb 20)
    - Re: Possible Mail server compromise ? Faas M. Mathiasen (Feb 20)
    - Re: Possible Mail server compromise ? Valdis . Kletnieks (Feb 20)

(Thread continues...)