Re: Possible Attack?
From: Paul Howarth (paul_at_city-fan.org)
To: For users of Fedora Core releases <email@example.com> Date: Thu, 15 Sep 2005 08:02:33 +0100
On Wed, 2005-09-14 at 23:07 -0600, chris wrote:
> I'm trying to figure out what this means... It came through my logwatch
> a couple of weeks ago
> "WARNING!!!! Possible Attack:
> Attempt from UNKNOWN with:
> Fixed MIME Content-Type header field: 1 Time(s)
> Total: 1 Time(s)"
> It only showed up once.
> any help would be appreciated.
It means that your mail server detected a malformed MIME Content-Type
header field in a mail that it processed (probably incoming). It's
possible that some mail program had a buffer overflow or other
vulnerability that could be exploited by sending a carefully-crafted
malfored MIME Content-Type header in an email. The mail server's action
of fixing the header averted this. Logwatch reported the log entry as
something you might be interested in. I wouldn't worry about it.
-- Paul Howarth <firstname.lastname@example.org> -- fedora-list mailing list email@example.com To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list