Exim on FreeBSD

Unanswered Question
Aug 28th, 2007
User Badges:

I'm seeing a lot of this lately and they're all sent from Exim 4.6x on FreeBSD

Anyone else seeing this? I don't see a known vulnerability in Exim posted anywhere.

What are you thinking...if pat sees this your divorced dude. :-{) see for yourself... <a>http://www.youtube.com/watch?v=9pVYeTXMJ1l</a>

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Donald Nash Fri, 08/31/2007 - 17:17
User Badges:

It's one of the latest social engineering exploits: an updated version of the "Storm" trojan. The YouTube link is bogus, you actually get taken to some cracked machine with a cheesy mockup of YouTube. On that page is a link to download a file called "video.exe", which is the exploit program. If you are inferring that the sending host is Exim/FreeBSD based on the headers of the message, then that's probably a mistake because those are almost certainly forged.


This Discussion