mailing list archives
[PEN-TEST] Debug command on Sendmail
From: "DonSata (ZekSata)" <zeksata () UNICRAFT COM>
Date: Tue, 12 Sep 2000 23:32:57 -0400
Im not a security expert and probably very far from getting there... anyhow
Im making a really big effort to get to it. =)
I've been an active reader of all comments in all the security realted
mailing lists and have been trying to exercise all kinds of exploits and
penetration tests in my own home-built lab. I guess its the best way to
learn how to protect myself from them.
ok.. enough of that...
Im hoping someone could help with the following.
I have bumped several times into the DEBUG COMMAND exploit for Sendmail. I
get this using nessus scanner.
Like with all other vulnerabilities, I try to find the way to make it work,
without using any kind of scripts. (Remember... my goal here is to learn...
not actually the succesfull penetration of a system.)
The only information I get about this vulnerability is the one at
www.nessus.org home page and the one in here:
Can anybody point me to a script which I can study with to learn how this
exploit actually works? or a paper that describes something usefull about
it? I only seem to find people that say.. "update the version of sendmail"
and things like that...
my question is "WHY?".