[45278] in North American Network Operators' Group
Re: formmail.pl - What hack is this?
daemon@ATHENA.MIT.EDU (Jeff Wasilko)
Sun Jan 27 22:07:21 2002
Date: Sun, 27 Jan 2002 22:06:38 -0500
From: Jeff Wasilko <jeffw@smoe.org>
To: "John Palmer (NANOG Acct)" <nanog@adns.net>
Cc: nanog@merit.edu,
"'BSDI users List'" <bsdi-users@mailinglists.org>
Message-ID: <20020127220637.C9101@jane.smoe.org>
Mail-Followup-To: "John Palmer (NANOG Acct)" <nanog@adns.net>,
nanog@merit.edu, 'BSDI users List' <bsdi-users@mailinglists.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <011601c1a7a7$22eae140$c89d05c7@TAKA>; from "John Palmer (NANOG Acct)" on Sun, Jan 27, 2002 at 08:54:42PM -0600
Errors-To: owner-nanog-outgoing@merit.edu
On Sun, Jan 27, 2002 at 08:54:42PM -0600, John Palmer (NANOG Acct) wrote:
>
> Anyone hear of some sort of a cracking method that uses cgi-bin/formmail?
> I've seen alot of these in my httpd/access_log files
> lately. I don't have formmail.pl anywhere on my system - I flushed all of
> the cgi-bin stuff that came with apache a long time ago.
Spammers use it for sending spam. Early versions of FormMail
didn't do any input checking and could be used to send mail to
any recipient.
-j
