Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: sendmail exploit
From: Andrew Simmons <asimmons () messagelabs com>
Date: Wed, 11 May 2005 12:34:04 +0100

Hi Migalo,

migalo digalo wrote:
Of course, if you're still running 8.8, there's about 3 zillion OTHER issues
you  could exploit instead....


i think it's really a 8.8 (redhat6.2) and not a honeypot or thing like
that ,if that waht you mean,and yes nessus give other critical warning
about apache 1.3.12 ,the snag is there is no working exploit for thus
vulerabilities (or at least i can't found any)and i have no time to
make one by my self.
so Valdis can you give me some examples of " about 3 zillion OTHER
issues you  could exploit instead....".
>


A good start would be:

http://www.cve.mitre.org/cgi-bin/cvekey.cgi?keyword=sendmail
http://www.securityfocus.com/bid/keyword/ (search for sendmail)

You'll have to review each vuln listed to see whether it affects your version.

cheers

Andrew


Speaking for myself only
--
Andrew Simmons
Technical Security Consultant
MessageLabs

asimmons () messagelabs com
 www.messagelabs.com

MessageLabs - Be certain

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email ______________________________________________________________________
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault