Arrigo, What you'd see if you were attacked using the vulnerability we announced patches for would...not necessarily be distinguishable from regular traffic to your RT server. Though you _would_ see the malicious user's IP in your logs. I think you hit a case where something went wrong with transaction creation, possibly related to the file someone was trying to attach.
It looks like a bug. But it doesn't look like you were attacked. Best, Jesse
signature.asc
Description: Digital signature
_______________________________________________ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: [email protected] Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
