Re: [PEN-TEST] Debug command on Sendmail
From: Max Vision <vision () WHITEHATS COM>
Date: Wed, 13 Sep 2000 10:38:50 -0700
On Tue, 12 Sep 2000, DonSata (ZekSata) wrote:
> I have bumped several times into the DEBUG COMMAND exploit for Sendmail. I
> get this using nessus scanner.
> Like with all other vulnerabilities, I try to find the way to make it work,
> without using any kind of scripts. (Remember... my goal here is to learn...
> not actually the successful penetration of a system.)
> The only information I get about this vulnerability is the one at
> www.nessus.org home page and the one in here:
This affects extremely old versions of sendmail (versions before 5.59
according to securityfocus, before 5.65 according to other CERT, I don't
remember when it was fixed). You can read more about it and download an
exploit script from securityfocus.
Note that some MTAs respond to the debug command with "200 Debug set
-NOT!", which could fool the Nessus check into giving a false positive:
if(("200 debug set" >< r))security_hole(port);
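Added example, not part of the original post and not Nessus code: a Python sketch of a stricter reply check that parses the SMTP reply and compares the whole text, next to the substring test quoted above. It assumes a genuinely affected server answers with exactly "Debug set" after the 200 code; the function names and sample replies are constructed for illustration.

```python
import re

# Constructed sample replies to an SMTP DEBUG command (not captured traffic).
SAMPLE_REPLIES = [
    "200 Debug set\r\n",
    "200 Debug set -NOT!\r\n",
    "500 Command unrecognized\r\n",
    "200-Debug set\r\n200 -NOT!\r\n",
]

# One SMTP reply line: 3-digit code, "-" (more lines follow) or " " (last line), text.
REPLY_LINE = re.compile(r"^(\d{3})([ -])(.*)$")


def naive_check(reply):
    """Substring test equivalent to the quoted check line."""
    return "200 debug set" in reply.lower()


def parse_reply(reply):
    """Return (code, text) for a possibly multi-line reply, or None if malformed."""
    code, parts = None, []
    for line in reply.splitlines():
        m = REPLY_LINE.match(line)
        if m is None or (code is not None and m.group(1) != code):
            return None
        code = m.group(1)
        parts.append(m.group(3).strip())
        if m.group(2) == " ":  # a space after the code marks the final line
            return code, " ".join(p for p in parts if p)
    return None  # empty input or reply never terminated


def strict_check(reply):
    """Flag only a 200 reply whose entire text is 'Debug set' (assumed wording)."""
    parsed = parse_reply(reply)
    if parsed is None:
        return False
    code, text = parsed
    return code == "200" and text.lower() == "debug set"


def false_positives(replies):
    """Replies the substring test flags but the strict test rejects."""
    return [r for r in replies if naive_check(r) and not strict_check(r)]


if __name__ == "__main__":
    for r in SAMPLE_REPLIES:
        print(repr(r), "naive:", naive_check(r), "strict:", strict_check(r))
```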