Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
672
Views
0
Helpful
2
Replies

Buffer Overflow Exploit

managed.security
Level 1
Level 1

‎05-11-2005 10:52 AM - edited ‎03-10-2019 01:26 AM

We are MSSP and one of our clients is generating lots Buffer Overflow Exploit from source 196.35.77.17.This source is IS SMTP relay server that relays mail to client network.

Now we are picking up this Buffer Overflow Exploit from this source.

Can this mean that this signature is a false positve from misconfigured IS server?

Any sugestion please

Labels:
0 Helpful
2 Replies 2

managed.security
Level 1
Level 1

‎05-11-2005 03:36 PM

To be more specific this is triggered by Sendmail Data Header Overflow (ID 3115) and destination port is tcp 25.

0 Helpful

ktimm
Level 1
Level 1
In response to managed.security

‎05-17-2005 07:52 AM

That is pretty common with that signature. The most common cause I have seen has been spam.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card