[Please upgrade or set ACLs if you use a vulnerable Junkbuster -- Raju]

This is an RFC 1153 digest.
(1 message)

----------------------------------------------------------------------

Message-ID: <[EMAIL PROTECTED]>
From: Andrew Daviel <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: junkbuster 2.0-1 proxy relaying spam
Date: Mon, 23 Dec 2002 02:11:41 -0800 (PST)

I just found a "junkbuster" proxy on a RedHat 6.2 machine being used to
relay spam - a bit ironic, considering the intention of the program.

This is junkbuster-2.0-1 installed as part of a "complete install" on
RedHat 6.2. It seems that the default install sets no ACL, no logging,
and starts the program on boot.

This is not the buffer overflow reported in 1998. It is a simple use of
the HTTP CONNECT method similar to the Korean school Apache proxies.

The default for junkbuster 2.0-2 is to listen on localhost only, so
modern installs should be safe.

--
Andrew Daviel, TRIUMF, Canada
Tel. +1 (604) 222-7376
[EMAIL PROTECTED]

------------------------------

End of this Digest
******************

--
Raju Mathur [EMAIL PROTECTED] http://kandalaya.org/
It is the mind that moves
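
The check a forwarding proxy needs in order to refuse the kind of CONNECT relaying described in the message above, as an added example that is not part of the original message and is not junkbuster's code. The policy values (loopback-only clients, tunnels to port 443 only), the function names and the sample requests are assumptions constructed for illustration.

```python
import ipaddress

# Assumed policy (illustrative): loopback clients only, HTTPS tunnels only.
ALLOWED_CLIENTS = [ipaddress.ip_network("127.0.0.0/8"),
                   ipaddress.ip_network("::1/128")]
ALLOWED_CONNECT_PORTS = {443}


def parse_connect_target(request_line):
    """Return (host, port) from a CONNECT request line, or None if malformed."""
    parts = request_line.split()
    if len(parts) != 3 or parts[0].upper() != "CONNECT":
        return None
    host, sep, port = parts[1].rpartition(":")
    if not (sep and host and port.isascii() and port.isdigit()):
        return None
    if not 0 < int(port) < 65536:
        return None
    return host.strip("[]").lower(), int(port)


def decide(client_ip, request_line):
    """Return (allowed, reason) for one request arriving at the proxy."""
    addr = ipaddress.ip_address(client_ip)
    if not any(addr in net for net in ALLOWED_CLIENTS):
        return False, "client not in ACL"
    words = request_line.split()
    if not words or words[0].upper() != "CONNECT":
        return True, "not a tunnel request"
    target = parse_connect_target(request_line)
    if target is None:
        return False, "malformed CONNECT target"
    if target[1] not in ALLOWED_CONNECT_PORTS:
        return False, "CONNECT to port %d refused" % target[1]
    return True, "tunnel permitted"


# Constructed sample requests (documentation addresses and example hostnames).
SAMPLES = [
    ("203.0.113.7", "CONNECT mail.example.net:25 HTTP/1.0"),
    ("127.0.0.1", "CONNECT mail.example.net:25 HTTP/1.0"),
    ("127.0.0.1", "CONNECT www.example.org:443 HTTP/1.0"),
    ("127.0.0.1", "GET http://www.example.org/ HTTP/1.0"),
]

if __name__ == "__main__":
    for ip, line in SAMPLES:
        print(ip, line, "->", decide(ip, line))
```

The second sample shows why a client ACL alone is not the whole fix: a permitted client can still be refused a tunnel to a mail port.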
