Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: Re: MS99-027 - New IIS problem?

Re: MS99-027 - New IIS problem?

From: Tom Fischer <Tom.Fischer_at_rus.uni-stuttgart.de>
Date: Sat, 13 Jul 2002 18:46:33 +0200

Hi,

On Mon, Jul 08, 2002 at 06:11:49AM -0000, Jason wrote:
> I was recently doing a penetration test and noticed a problem with the
> SMTP component of their web server that allowed me to relay mail using an
> old SMTP encapsulation problem.

is this the same problem mentioned in the "Portcullis Security Advisory -
IIS Microsoft SMTP Service Encapsulated SMTP Address Vulnerability"?
(http://cert.uni-stuttgart.de/archive/bugtraq/2002/07/msg00129.html) 

-- 
Tom Fischer                              Tom.Fischer_at_rus.uni-stuttgart.de
RUS-CERT University of Stuttgart       Tel:+49 711 685-8076 / -5898 (fax)
Allmandring 30, D-70550 Stuttgart           http://cert.uni-stuttgart.de/
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Received on Jul 13 2002
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]