On Mon, 6 Oct 2014, Matthew Miller wrote:
On Mon, Oct 06, 2014 at 11:07:16PM +0000, Bill Oliver wrote:
First, I apologize for this not being fedora-specific, but I just got
the oddest email. It looks like an intrusion attempt, trying to get
sendmail to execute a perl script. Is anybody familiar with this
particular pattern?
Oh my yes. This is a probe for CVE-2014-6271, a serious bug in bash known as
"shellshock". See
<http://fedoramagazine.org/shellshock-how-does-it-actually-work/>.
If your system is up to date, you should be safe -- all major distributions
released patches quickly.
I sorta thought that, but I didn't think that sendmail was vulnerable to it...
billo
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
