Home page logo

pen-test logo Penetration Testing mailing list archives

Re: Mail Relay / Open Mail Replay
From: Michal Zalewski <lcamtuf () coredump cx>
Date: Sun, 2 Oct 2011 12:39:24 -0700

Suppose there is Mail server having port 25 open xyz.com
an attacker login on Mail server  through telnet and then try to send the
mail but the he can only send a mail within the xyz company not outside
..so this will be consider as Vulnerability or not

Yes. Thankfully, this can be resolved by removing the legacy
/usr/bin/telnet program from the originating system.


This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]