Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Email Security Quick-links: ESA Product Support | SMA Product Support | Email Submission and Tracking Portal | Cisco SecurityHub
Current General Deployment (GD) Releases:
ESA: 11.0.0-264 WSA: 10.5.1-296 SMA: 11.0.0-115 Email Plug-in (Reporting): 1.0.1-048 Email Plug-in (Encryption): 1.0.0-036

New Member

Exim on FreeBSD

I'm seeing a lot of this lately and they're all sent from Exim 4.6x on FreeBSD

Anyone else seeing this? I don't see a known vulnerability in Exim posted anywhere.

<html>
<body>
What are you thinking...if pat sees this your divorced dude. :-{) see for yourself... <a>http://www.youtube.com/watch?v=9pVYeTXMJ1l</a>
</body>
</html>

1 REPLY
New Member

Re: Exim on FreeBSD

It's one of the latest social engineering exploits: an updated version of the "Storm" trojan. The YouTube link is bogus, you actually get taken to some cracked machine with a cheesy mockup of YouTube. On that page is a link to download a file called "video.exe", which is the exploit program. If you are inferring that the sending host is Exim/FreeBSD based on the headers of the message, then that's probably a mistake because those are almost certainly forged.

258
Views
0
Helpful
1
Replies