From: "NW7US, Tomas" <[EMAIL PROTECTED]>
JDOW:
I run Fedora 2 (RedHat) Linux. I've updated most everything. I've not
updated to the very latest Apache. Perhaps that's needed.
How would I go about determining if indeed I have a vulnerability such as
what you are hinting at? I watch logs pretty closely, but cannot farret
out this one.
As noted already there is an Apache update on Fedora Legacy. I'd get it.
But also check out the mail scripts you have. I don't have any such so I
don't pay attention to specifics. But they have been known to have various
vulnerabilities that get addressed over time. If you got the script from
somewhere else you might check if there is an update.
All that said, what does a NORMAL header coming into your machine look
like? That should tell you a lot about the bad one. If they look very
much the same then your script was used somehow.
(There is a very obvious hack on these scripts for sending spam to the
owner of the machine. But it's probably not worth spammer's exploiting.
But if the prefilled out address in the script can get changed somehow
the tool becomes a generic spam relay.)
{^_^}
