nanog mailing list archives
Re: formmail.pl - What hack is this?
From: Jeff Wasilko <jeffw () smoe org>
Date: Sun, 27 Jan 2002 22:06:38 -0500
On Sun, Jan 27, 2002 at 08:54:42PM -0600, John Palmer (NANOG Acct) wrote:
Anyone hear of some sort of a cracking method that uses cgi-bin/formmail? I've seen alot of these in my httpd/access_log files lately. I don't have formmail.pl anywhere on my system - I flushed all of the cgi-bin stuff that came with apache a long time ago.
Spammers use it for sending spam. Early versions of FormMail didn't do any input checking and could be used to send mail to any recipient. -j
Current thread:
- formmail.pl - What hack is this? John Palmer (NANOG Acct) (Jan 27)
- Re: formmail.pl - What hack is this? Jeff Wasilko (Jan 27)
- Re: formmail.pl - What hack is this? Andy Walden (Jan 27)
- RE: formmail.pl - What hack is this? Tim Irwin (Jan 27)
- <Possible follow-ups>
- Re: formmail.pl - What hack is this? Steven M. Bellovin (Jan 27)