At 08:54 AM 6/27/2003, you wrote:I run email on a RaQ3, for which there is not a Sun patch. I used the SolarSpeed patch. I also have a RaQ4 doing mail and I initially patched with SolarSpeed, but later removed it and applied the Sun patch when it became available.At 02:28 PM 6/27/2003 +0100, you wrote:
Recently I have started to get this log report
sendmail: Truncated MIME Content-Disposition header due to field size (possible
attack)
Is this something that I can prevent and stop? I'm running fully patched raq3
and raq4r and message appears in both logfiles.
It is the SoBig.E virus being sent to user's mailboxes. It hit my mail server as quickly as I read the news about it yesterday and numerous times. Interestingly, the news about the virus does not report that it is sending an oversize mail header. Is this an indication that it was designed to take advantage of the sendmail vulnerability that we patched a few months ago? You did patch for the oversized header vulnerability didn't you?
Was that a cobalt patch or a non-cobalt patch?
Cheers!
_______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
