[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Using Nessus to scan Qube 2
- Subject: Re: [cobalt-security] Using Nessus to scan Qube 2
- From: Gossi The Dog <gossi@xxxxxxxxxxxxxx>
- Date: Fri, 6 Jul 2001 22:16:50 +0100 (BST)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Fri, 6 Jul 2001, Akira wrote:
> Hi all,
>
> I was conducting some vulnerability scans on my Qube 2 with Nessus and a
> worrying result was found. Nessus reported that SMTP (Sendmail 8.9.3/8.9.2)
> was subject to a buffer overflow in the 'MAIL FROM:' command.
>
> By issuing a long input string i.e. MAIL FROM
> :asd@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx would basically stop the sendmail
> daemon.
I'm doing my best to attempt to reproduce this - can't remember seeing an
advisory for it at the time.
Sendmail 8.9.3 is used on RaQ3/RaQ3i's, also.