[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Using Nessus to scan Qube 2

Subject: Re: [cobalt-security] Using Nessus to scan Qube 2
From: Gossi The Dog <gossi@xxxxxxxxxxxxxx>
Date: Fri, 6 Jul 2001 22:16:50 +0100 (BST)
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On Fri, 6 Jul 2001, Akira wrote:

> Hi all,
>
> I was conducting some vulnerability scans on my Qube 2 with Nessus and a
> worrying result was found. Nessus reported that SMTP (Sendmail 8.9.3/8.9.2)
> was subject to a buffer overflow in the 'MAIL FROM:' command.
>
> By issuing a long input string i.e. MAIL FROM
> :asd@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx would basically stop the sendmail
> daemon.

I'm doing my best to attempt to reproduce this - can't remember seeing an
advisory for it at the time.

Sendmail 8.9.3 is used on RaQ3/RaQ3i's, also.

References:
- [cobalt-security] Using Nessus to scan Qube 2
  - From: Akira

Prev by Date: Re: [cobalt-security] Cobalt Cube Webmail directory traversal (fwd)
Next by Date: [cobalt-security] HEY COBALT, poprelay needs fixing, patch has been posted
Previous by thread: [cobalt-security] Using Nessus to scan Qube 2
Next by thread: [cobalt-security] HEY COBALT, poprelay needs fixing, patch has been posted

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index