Re: automated phishing email

[Hanno Böck <hanno () hboeck de>]

Am Mon, 6 Oct 2014 13:12:39 -0400
schrieb Mason Loring Bliss <mason () blisses org>:

> A co-worker suggested that this might have been aimed at procmail.
>
>     https://bpaste.net/show/41323f7d9b35
>
> I'm curious if anyone has thoughts about what the target might have
> been for this attempt.

qmail is vulnerable:
http://marc.info/?l=qmail&m=141183309314366&w=2

However I think this is probably not aimed at something. It's likely
just "try if we find something vulnerable, we don't care what it is".

Btw: at least one of the exploit scripts is still online. This is one
of the issues that comes with this event: There are *many* hosts out
there that have a very bad abuse handling. These things stay online
far too long.

-- 
Hanno Böck
http://hboeck.de/

mail/jabber: hanno () hboeck de
GPG: BBB51E42

Attachment: signature.asc
Description: