[Snort-users] smtp rcpt to overflow

Hugh Brown snort at ...6013...
Wed Jun 5 07:55:07 EDT 2002


I get the same alert all the time...curiously enough it mostly comes
from a server at debian aimed at one of my mail servers (none of them
lotus) so it appears to be, at least on the surface, legitimate traffic.



Hugh

-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Hugo Ferr
Sent: Wednesday, June 05, 2002 10:45 AM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] smtp rcpt to overflow


'SMTP RCPT TO' overflow is buffer overflow for Lotus Sevrers. I have
7444 entries for the same exploit but I have sendmail server. All 744
come form the same address, it looks like guy is pretty persistent or he
just cannot figuer out that this is not a Lotus server :-) Just want to
double-check: this exploit cannnot cause any damage to sendmail systems,
right?

_______________________________________________________________

Don't miss the 2002 Sprint PCS Application Developer's Conference August
25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm

_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users







More information about the Snort-users mailing list