[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] Using Nessus to scan Qube 2

Subject: [cobalt-security] Using Nessus to scan Qube 2
From: Akira <akira@xxxxxxxxxxxxxxx>
Date: Fri, 06 Jul 2001 22:19:39 +0800
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi all,

I was conducting some vulnerability scans on my Qube 2 with Nessus and aworrying result was found. Nessus reported that SMTP (Sendmail 8.9.3/8.9.2)was subject to a buffer overflow in the 'MAIL FROM:' command.

By issuing a long input string i.e. MAIL FROM:asd@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx would basically stop the sendmaildaemon.


I am currently coding a script that would do this manually.

Has anyone seen a vulnerability of this kind with sendmail for Qube 2 ? orhave I missed a security advisory somewhere ;p


-- Akira

Follow-Ups:
- Re: [cobalt-security] Using Nessus to scan Qube 2
  - From: Gossi The Dog

Prev by Date: Re: [cobalt-security] Back-up creation on Qube3
Next by Date: Re: [cobalt-security] Cobalt Cube Webmail directory traversal (fwd)
Previous by thread: Re: [cobalt-security] Back-up creation on Qube3
Next by thread: Re: [cobalt-security] Using Nessus to scan Qube 2

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index