https://community.cisco.com/t5/network-security/buffer-overflow-exploit/m-p/442913#M99422 <HTML><HEAD></HEAD><BODY><P>To be more specific this is triggered by Sendmail Data Header Overflow (ID 3115) and destination port is tcp 25.</P></BODY></HTML> Wed, 11 May 2005 22:36:40 GMT managed.security 2005-05-11T22:36:40Z https://community.cisco.com/t5/network-security/buffer-overflow-exploit/m-p/442912#M99420 <P>We are MSSP and one of our clients is generating lots Buffer Overflow Exploit from source 196.35.77.17.This source is IS SMTP relay server that relays mail to client network.</P><P></P><P>Now we are picking up this Buffer Overflow Exploit from this source.</P><P></P><P>Can this mean that this signature is a false positve from misconfigured IS server?</P><P>Any sugestion please</P><P></P> Sun, 10 Mar 2019 09:26:47 GMT https://community.cisco.com/t5/network-security/buffer-overflow-exploit/m-p/442912#M99420 managed.security 2019-03-10T09:26:47Z https://community.cisco.com/t5/network-security/buffer-overflow-exploit/m-p/442913#M99422 <HTML><HEAD></HEAD><BODY><P>To be more specific this is triggered by Sendmail Data Header Overflow (ID 3115) and destination port is tcp 25.</P></BODY></HTML> Wed, 11 May 2005 22:36:40 GMT https://community.cisco.com/t5/network-security/buffer-overflow-exploit/m-p/442913#M99422 managed.security 2005-05-11T22:36:40Z https://community.cisco.com/t5/network-security/buffer-overflow-exploit/m-p/442914#M99423 <HTML><HEAD></HEAD><BODY><P>That is pretty common with that signature. The most common cause I have seen has been spam. </P></BODY></HTML> Tue, 17 May 2005 14:52:12 GMT https://community.cisco.com/t5/network-security/buffer-overflow-exploit/m-p/442914#M99423 ktimm 2005-05-17T14:52:12Z