Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Debug command on Sendmail
From: Max Vision <vision () WHITEHATS COM>
Date: Wed, 13 Sep 2000 10:38:50 -0700

On Tue, 12 Sep 2000, DonSata (ZekSata) wrote:
I have bumped several times into the DEBUG COMMAND exploit for Sendmail. I
get this using nessus scanner.
Like with all other vulnerabilities, I try to find the way to make it work,
without using any kind of scripts. (Remember... my goal here is to learn...
not actually the succesfull penetration of a system.)
The only information I get about this vulnerability is the one at
www.nessus.org home page and the one in here:
www.cert.org//advisories/CA-93.14.Internet.Security.Scanner.html


This affects extremely old versions of sendmail (versions before 5.59
according to securityfocus, before 5.65 according to other CERT, I don't
remember when it was fixed).  You can read more about it and download an
exploit script from securityfocus.

http://www.securityfocus.com/bid/1

Note that some MTA respond to the debug command with "200 Debug set
-NOT!", which could fool the Nessus check into giving a false positive:

if(("200 debug set" >< r))security_hole(port);

Max


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]