[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] user can log in to sendmail with telnet disabled

Subject: [cobalt-users] user can *log in* to sendmail with telnet disabled
From: Jale <jale@xxxxxxxxxx>
Date: Wed Nov 5 05:44:01 2003
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

Good day all,

I have a RAQ3i. I have telnet disabled as we only use SSH. I have one smartuser that did:

telnet www.domain.com 25

and got into sendmail directly and could issue sendmail commands. He isable to sends SPAM mail using the sendmail commands without ever havinglogged on to the server.


His comment:
------------------
No. I have no access to the file system as in a standard (port 23)
telnet connection. However, connected as I am, I can send reams of spam
if I desire even though I have no account (I didn't log in) on your
server. I'll check around to see if I should be able to do this...
-----------------

Do I have something misconfigured to allow this? Any way to prevent it?

Thanks,
J.A.L.E.

Follow-Ups:
- Re: [cobalt-users] user can *log in* to sendmail with telnet disabled
  - From: Larry Smith

Prev by Date: Re: [cobalt-users] RaQ4 MRTG packages
Next by Date: Re: [cobalt-users] Read before posting
Previous by thread: Re: I'll buy... if $$$ are ok and more. Re: [cobalt-users] My mips rpm collection
Next by thread: Re: [cobalt-users] user can *log in* to sendmail with telnet disabled

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index

[cobalt-users] user can *log in* to sendmail with telnet disabled

[cobalt-users] user can log in to sendmail with telnet disabled