Help with cgi script attack

Joel Rees joel_rees at sannet.ne.jp
Sat Mar 18 07:05:09 UTC 2006


On 2006/03/18, at 15:36, Knute Johnson wrote:

> I need some help finding the correct place to go to get specific
> help. We have a script that uses sendmail to send form data to the
> site owner. Last night somebody managed to use it to send thousands
> of spam emails.  I need to find the right place to ask about the
> script to determine exactly how the attack was accomplished so we can
> fix the script.  Any direction would be greatly appreciated.

Well, the first question is, did you write the script yourself or is
it one you picked up somewhere? If someone else wrote it, perhaps
they have a mailing list or a contact address or a wiki or even a FAQ.

The next question is what language is it written in. Various  
newsgroups and mailing lists exist for various languages, and you may  
be able to find a ng or ml that focuses on networking or cgi in that  
language, which would be even better than a general list or group for  
the language.

After that, there are ngs and mls that focus on cgi and security.

Beyond that, it's a matter of analyzing the source, and whoever in  
your organization is responsible for the program is the one to start  
looking for possible ways in.

Your favorite internet search engine can probably help you find such  
groups. Also, you may be able to find relevant information on Wikipedia.

That's probably not what you wanted to hear, but without more  
information, all we can do is guess. Guessing is as likely to send  
you on wild goose chases as in the right direction.




More information about the fedora-list mailing list