On Tue, 19 Dec 2006, Ray Anderson wrote: > This looks like a failed header injection attack. > > Some background: Lots of web form handlers, including the most basic > Perl and PHP tools, will build the headers and body of a message as one > long string, then pass it to Sendmail.
Ah, okay, the light goes on. That's also supported by this: > Received: (from [EMAIL PROTECTED]) > by pflock.pfadi.ch (8.12.11/8.12.11/Submit) id kBJMHFr4016111; > Tue, 19 Dec 2006 23:17:15 +0100 (CET) > (envelope-from www) -- John Hardin KA7OHZ http://www.impsec.org/~jhardin/ [EMAIL PROTECTED] FALaholic #11174 pgpk -a [EMAIL PROTECTED] key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 ----------------------------------------------------------------------- "Bother," said Pooh as he struggled with /etc/sendmail.cf, "it never does quite what I want. I wish Christopher Robin was here." -- Peter da Silva in a.s.r ----------------------------------------------------------------------- 6 days until Christmas
