[Snort-users] smtp rcpt to overflow

Hugh Brown snort at ...6013...
Wed Jun 5 07:55:07 EDT 2002

I get the same alert all the time...curiously enough it mostly comes
from a server at debian aimed at one of my mail servers (none of them
lotus) so it appears to be, at least on the surface, legitimate traffic.


-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Hugo Ferr
Sent: Wednesday, June 05, 2002 10:45 AM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] smtp rcpt to overflow

'SMTP RCPT TO' overflow is buffer overflow for Lotus Sevrers. I have
7444 entries for the same exploit but I have sendmail server. All 744
come form the same address, it looks like guy is pretty persistent or he
just cannot figuer out that this is not a Lotus server :-) Just want to
double-check: this exploit cannnot cause any damage to sendmail systems,


Don't miss the 2002 Sprint PCS Application Developer's Conference August
25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm

Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

More information about the Snort-users mailing list