It looks a bit like a buffer overflow exploit, I'm not sure which one
though. Perhaps if you go to www.securityfocus.com and have a look at
some of their info on this stuff it might give you a better idea. I'm on
the vulnerabilities-development list but I haven't seen this particular
one.
Good luck.
Angus Beath
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Nima S. Panahi
Sent: Friday, 20 July 2001 12:39 PM
To: [EMAIL PROTECTED]
Subject: [expert] Email attack?
I recieved this email at my server for panahi.com. It was sent by server
outside of panahi.com, but labeled as if it was from our domain to our
domain. It seems to be an attack but I cannot figure out an attack on
what. Should I be worried , should I check other logs..? Please help if
you know. I am running 8.0 Beta 2 with most of the packages upgraded to
8.0 final. TIA
---------- Forwarded message ----------
Date: Thu, 19 Jul 2001 08:03:50 -0500 (CDT)
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]
Hello:
=AB=DC=A9=EA=BAp=A5=B4=C2Z=B1z!
=B8=B2=B5=E5=A4=FD=B8=B2=B2=B3=A5=F8=B7~=A5=CD=AA=AB=AC=EC=A7=DE=B0=B7=B
1d=C1=BF=AEy=A1A=A1A=A6b=B7|=AD=FB=A5N=B8=B9=AA=BA=A6a=A4=E8=BD=D0=BF=E9
=A4J AA00002
=A4~=AF=E0=ACd=B8=DF=A9=D2=A6=B3=A4=BA=AEe=C1=DC=A1I=A5=CD=AA=AB=AC=EC=A
7=DE=AA=BA=B5o=AEi=B4N=ACO=B1z=AA=BA=B3=CC=A8=CE=BE=F7=B7|=A1A=A4=A3=ADn
=A7=D1=B0O=A8=D3=B3}=B3}=A1I=A1I=C1=D9=A5i=A5H=A5=D3=BD=D0=A7K=B6O=A5[=A
4J=A6=A8=AC=B0=AD=D1=BC=D6=B3=A1=B7|=AD=FB=A1A=A5i=A5H=BE=D6=A6=B3=AB=DC
=A6h=BA=D6=A7Q=A1A=A6=A8=A5\=AA=BA=A4H=A7=E2=B4=A4=BE=F7=B7|=A1A=A6=B8=B
5=A5=AA=BA=A4H=B5=A5=AB=DD=BE=F7=B7|=A1I=A1I=A1I
