Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

Re: DNS Injection Problem
From: "Blade Runner" <blade () seven com br>
Date: Tue, 6 May 2003 10:56:44 -0300 (BRT)
Do you have bind interacting with a windows Active Directory Setup
which allows clients to update / modify DNS in bind?


No we don't have this kind of service running ...yet.


Web Server: apache 1.3.27 + php-4.3.1 + SquirrelMail 1.4.0


Squirrel Mail has had quite a number of security problems in the past,
Have you kept on top of the patches and updates for it in the past?
Danny
Network Security Engineer


Yes, I thought about that either, I am looking in SquirrelMail mailing
list for this version's bugs and checking the PHP configuration.
By now I redirected the webmail sevice to another machine.

Thanks for the advice.




-- 
Blade Runner - Squirrel Mail
Linux Powered
ICQ 40959703
http://www.seven.com.br

----------------------------------------------------------------------------
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the 
world's premier event for IT and network security experts.  The two-day 
Training features 6 hand-on courses on May 12-13 taught by professionals.  
The two-day Briefings on May 14-15 features 24 top speakers with no vendor 
sales pitches.  Deadline for the best rates is April 25.  Register today to 
ensure your place. http://www.securityfocus.com/BlackHat-incidents 
----------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]