Full Disclosure mailing list archives

Re: HTTP request with SMTP message

From: "Volker Tanger" <volker.tanger () discon de>
Date: Mon, 24 Nov 2003 18:05:28 +0100

Greetings!

On Mon, 24 Nov 2003 16:25:30 -0000 "Tiago Halm" <thalm () netcabo pt>
wrote:

It's not the first time, but I gave up trying to figure it out.
My IIS (port 80) received this HTTP request from x.x.x.x.

POST http://x.x.x.x:25/ HTTP/1.1


They try to abuse your IIS as SMTP relay, hoping it works as proxy, too
- similar to  http://www.securityfocus.com/bid/4131/

Bye

Volker Tanger
ITK-Security

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

HTTP request with SMTP message Tiago Halm (Nov 24)
- Re: HTTP request with SMTP message Volker Tanger (Nov 24)
- Re: HTTP request with SMTP message Vincent Renardias (Nov 24)
- Re: HTTP request with SMTP message Lorenzo Hernandez Garcia-Hierro (Nov 24)
- Re: HTTP request with SMTP message Valdis . Kletnieks (Nov 24)
- <Possible follow-ups>
- RE: HTTP request with SMTP message Seamus Hartmann (Nov 24)