Posted to bugs@httpd.apache.org by bu...@apache.org on 2003/06/09 02:57:40 UTC
DO NOT REPLY [Bug 20597] New: - mod_proxy opens mail relay
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=20597>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
Summary: mod_proxy opens mail relay
Product: Apache httpd-1.3
Version: 1.3.26
Platform: PC
OS/Version: Other
Status: NEW
Severity: Major
Priority: Other
Component: mod_proxy
AssignedTo: bugs@httpd.apache.org
ReportedBy: muellkontrolle@hotmail.com
When set to "Allow From All" (which is quite careless, I might add), mod_proxy
allows spammers to use a request like

    POST http://www.mydomain.com:25/ HTTP/1.1

or

    CONNECT smtp.mail.yahoo.com:25 HTTP/1.0

to connect to the local MTA (e.g. sendmail) running on the webserver. This makes
any Apache with the config mentioned above a very nice target for spammers.
cf. discussion @
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&threadm=patpro.pouet-47B38A.10003106062003%40news.wanadoo.fr&rnum=1&prev=/groups%3Fhl%3Den%26lr%3D%26ie%3DISO-8859-1%26q%3D3EDFCB3A.8000709%2540NO.nf.sympatico.ca.SPAM%26btnG%3DGoogle%2BSearch
These attacks seem to come from Asia and the US; I witnessed some more or less
successful attacks in the last two days. You may want to declare this
security-relevant.
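A way to check a server's access log for the two request shapes quoted in the report, as an added example that is not part of the original report or of Apache httpd. It assumes Common Log Format; the function names, the mail-port set (which goes beyond the report's port 25) and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

MAIL_PORTS = {25, 465, 587}  # assumption: SMTP, SMTPS, submission
# Common Log Format: host ident user [time] "request" status bytes
CLF = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "([^"]*)" (\d{3}) (\S+)')

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [08/Jun/2003:21:14:02 +0000] "POST http://www.mydomain.com:25/ HTTP/1.1" 200 512',
    '198.51.100.7 - - [08/Jun/2003:21:15:40 +0000] "CONNECT smtp.mail.yahoo.com:25 HTTP/1.0" 403 289',
    '192.0.2.55 - - [08/Jun/2003:21:16:11 +0000] "GET /index.html HTTP/1.0" 200 1043',
    '192.0.2.55 - - [08/Jun/2003:21:16:30 +0000] "GET http://www.example.org/ HTTP/1.0" 200 2210',
]

def proxy_target(request_line):
    """Return (method, host, port) for a forward-proxy request line
    (CONNECT host:port or an absolute http:// URI), else None."""
    parts = request_line.split()
    if len(parts) < 2:
        return None
    method, target = parts[0].upper(), parts[1]
    try:
        if method == "CONNECT":
            host, _, port = target.rpartition(":")
            return (method, host.lower(), int(port)) if host else None
        if target.lower().startswith("http://"):
            url = urlsplit(target)
            return method, (url.hostname or "").lower(), url.port or 80
    except ValueError:  # non-numeric or out-of-range port
        return None
    return None

def find_relay_attempts(lines, mail_ports=MAIL_PORTS):
    """Yield one dict per proxied request aimed at a mail port."""
    for line in lines:
        m = CLF.match(line)
        hit = proxy_target(m.group(3)) if m else None
        if hit and hit[2] in mail_ports:
            # Assumption: a 2xx status means the proxy did not refuse the request.
            yield {"client": m.group(1), "time": m.group(2), "method": hit[0],
                   "target": "%s:%d" % (hit[1], hit[2]),
                   "accepted": 200 <= int(m.group(4)) < 300}

if __name__ == "__main__":
    for hit in find_relay_attempts(SAMPLE_LOG):
        print(hit)
```

Entries with `accepted` set to true are the ones to follow up on first, since they indicate the proxy access rules let the request through.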