Reports of Attacks against EXIM vulnerability
Users of the popular exim mail server report attacks exploiting the recently patches vulnerability [1,2]. It appears that the attacks are scripted and installing popular rootkits. If you experienced an attack against exim: We are interested in packet captures or other logs showing how the attack is performed.
[1] http://www.reddit.com/r/netsec/comments/en650/details_of_the_root_kit_that_got_installed_on_my/
[2] http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html
------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter
Keywords: exim
4 comment(s)
×
Diary Archives