Full Disclosure: Re: User Enumeration Flaw

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: User Enumeration Flaw

From: "Dave Korn" <davek_throwaway () hotmail com>
Date: Mon, 20 Feb 2006 14:03:15 -0000

Mar.Shatz () education gov il wrote:

whitehouse.gov          MX      100 mailhub-wh2.whitehouse.gov
noone () box:~$
noone () box:~$ telnet mailhub-wh2.whitehouse.gov 25
Trying 63.161.169.140...
Connected to mailhub-wh2.whitehouse.gov.
Escape character is '^]'.
220 whitehouse.gov ESMTP service at Sun, 12 Feb 2006 11:29:38 -0500
(EST) helo jojo
250 esgeop03.whitehouse.gov Hello [xxx.xxx.xxx.xxx], pleased to meet
you mail from:bob () com com
250 2.1.0 bob () com com    Sender ok
rcpt to:gbush () whitehouse gov
550 5.1.1 gbush () whitehouse gov    User unknown
rcpt to:president () whitehouse gov
250 2.1.5 president () whitehouse gov    Recipient ok
quit
221 2.0.0 esgeop03.whitehouse.gov closing connection
Connection closed by foreign host.

User enumeration at the whitehouse



  Tell DHS at once!  What would happen if Al-Qaeda could figure out that 
there was a president in the whitehouse?


    cheers,
      DaveK
-- 
Can't think of a witty .sigline today.... 



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

User Enumeration Flaw Mar . Shatz (Feb 18)
- Re: User Enumeration Flaw Simon Smith (Feb 18)
- Re: User Enumeration Flaw Valdis . Kletnieks (Feb 18)
- Re: User Enumeration Flaw Dave Korn (Feb 20)
  - Re: Re: User Enumeration Flaw Valdis . Kletnieks (Feb 20)
  - Re: Re: User Enumeration Flaw Michael Holstein (Feb 21)