RE: [Full-disclosure] sendmail exploit

From: Lauro, John (jlauro_at_umflint.edu)
Date: 05/11/05

  • Next message: class: "[Full-disclosure] BakBone NetVault last warning"
    Date: Wed, 11 May 2005 07:41:44 -0400
    To: "migalo digalo" <l.epsilon@gmail.com>, <full-disclosure@lists.grok.org.uk>
    
    

    Redhat typically patches items such as sendmail without changing the
    version number ("rpm -q sedmail" to get the full redhat version). So,
    many of the exploits for 8.8 probably are not there, assuming the
    system was kept up2date while RedHat supported 6.2... Of course,
    RedHat hasn't supported 6.2 for a long time now, so some issues are
    likely unpatched...

    -----Original Message-----
    From: full-disclosure-bounces@lists.grok.org.uk
    [mailto:full-disclosure-bounces@lists.grok.org.uk] On Behalf Of migalo
    digalo
    Sent: Wednesday, May 11, 2005 7:23 AM
    To: full-disclosure@lists.grok.org.uk
    Subject: Re: [Full-disclosure] sendmail exploit

    > Of course, if you're still running 8.8, there's about 3 zillion
    OTHER issues
    > you could exploit instead....
    >
    >
    >
    i think it's really a 8.8 (redhat6.2) and not a honeypot or thing like
    that ,if that waht you mean,and yes nessus give other critical warning
    about apache 1.3.12 ,the snag is there is no working exploit for thus
    vulerabilities (or at least i can't found any)and i have no time to
    make one by my self.
    so Valdis can you give me some examples of " about 3 zillion OTHER
    issues you could exploit instead....".
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    Hosted and sponsored by Secunia - http://secunia.com/
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    Hosted and sponsored by Secunia - http://secunia.com/


  • Next message: class: "[Full-disclosure] BakBone NetVault last warning"

    Relevant Pages