Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Re: sendmail exploit
From: Matt Andreko <mandreko () ori net>
Date: Thu, 12 May 2005 13:34:54 -0500

Not to sound like a smartass, but there are such things as blind pen-tests...

Dave Korn wrote:
----Original Message----

From: migalo digalo
Message-Id: 433ee3d9050510145060008332 () mail gmail com

hi all;

this my first post in this mailing list;so please ...

i am doing same pen-tests ,to apply the bit of theorical knowledge i
have ,and  nessus show me same 'Critical' vulnerabilities:
sendmail 8.8

----Original Message----

From: migalo digalo
Message-Id: 433ee3d9050511042222a87a5b () mail gmail com

i think it's really a 8.8 (redhat6.2) and not a honeypot or thing like

  So can we conclude that the reason why you don't actually know if it's a
honeypot or not because it is not your system and you're actually trying to
break in to it, not "pen-test" it?

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]