nanog mailing list archives

RE: formmail.pl - What hack is this?

From: "Tim Irwin" <tim () eng bellsouth net>
Date: Sun, 27 Jan 2002 22:15:59 -0500

-----Original Message-----
From: owner-nanog () merit edu [mailto:owner-nanog () merit edu]On Behalf Of
John Palmer (NANOG Acct)
Sent: Sunday, January 27, 2002 9:55 PM
To: nanog () merit edu
Cc: 'BSDI users List'
Subject: formmail.pl - What hack is this?

Anyone hear of some sort of a cracking method that uses cgi-bin/formmail?
I've seen alot of these in my httpd/access_log files
lately. I don't have formmail.pl anywhere on my system - I flushed all of
the cgi-bin stuff that came with apache a long time ago.

John


A quick search at securityfocus.org reveals that there were a couple of
formmail security problems and loophole that spammers used dating back to
last year.  Here's a link to an email in the archive on securityfocus.org
that has a brief synopsis:

http://www.securityfocus.org/archive/1/193497

Hope this helps,
Tim

Current thread:

formmail.pl - What hack is this? John Palmer (NANOG Acct) (Jan 27)
- Re: formmail.pl - What hack is this? Jeff Wasilko (Jan 27)
- Re: formmail.pl - What hack is this? Andy Walden (Jan 27)
- RE: formmail.pl - What hack is this? Tim Irwin (Jan 27)
- <Possible follow-ups>
- Re: formmail.pl - What hack is this? Steven M. Bellovin (Jan 27)