On 02/10/2011 05:06 PM, jdow wrote: > Apparently it is active in the wild now. If a machine is not patched to > the hilt, which Fedora discourages with updates that make the machine > unusable once and awhile and upgrades needed several times a year it > seems, you have problems. > > It is an exploit. It attacks Linux machines. That's proof that such > things exist. If they exist then zero day exploits also exist that > just have not been discovered yet. Safe is better than sorry. >From what I read, you have to invoke spamass-milter with the -x flag in order to be vulnerable. My configuration does not use the -x flag for spamass-milter. Therefore, no exploit for me. I also check my mail logs for the last 2 months (or so), and I found to connections from the site in question, and no references to "root+|" in the logs. (Should I have seen evidence in the logs?) -- Kevin J. Cummings kjchome@xxxxxxxxxxx cummings@xxxxxxxxxxxxxxxxxx cummings@xxxxxxxxxxxxxxxxxxxxxxx Registered Linux User #1232 (http://counter.li.org) -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines