Shellshock via SMTP, (Fri, Oct 24th)

Ive received several reports of what appears to be shellshock exploit attempts via SMTP. The sources so far have all be webhosting providers, so Im assuming these are compromised systems.” />

The payload is an IRC perl bot with simple DDoS commands and the ability to fetch and execute further code.

(c) SANS Internet Storm Center. Creative Commons Attribution-Noncommercial 3.0 United States License.

Reposted from SANS. View original.