Arnt Gulbrandsen wrote:
On Wednesday, November 12, 2014 7:24:44 PM CEST, Murray S. Kucherawy
wrote:
Looks vaguely like the recent bash attack.
Yes. It's trying to see whether anyone's handling To, References, Cc,
From, Subject, Date, Message-ID, Comments, Keywords, Resent-Date,
Resent-From or Resent-Sender using bash. But is anyone falling for it?
I'm curious.
Yes, apparently qmail:
qmail is a vector for CVE-2014-6271 (bash "shellshock")
http://www.gossamer-threads.com/lists/qmail/users/138578
http://en.wikipedia.org/wiki/Shellshock_(software_bug)#Qmail_server
Mark
_______________________________________________
ietf-822 mailing list
ietf-822(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-822