On Tue, 10 May 2005 14:50:21 PDT, migalo digalo said: > have ,and nessus show me same 'Critical' vulnerabilities: > sendmail 8.8 > (http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950) Hint: First figure out why Nessus claimed it saw a Sendmail 8.8 - because that's well and truly crufty. 8.8.0 came out 1996/09/26, and 8.8.8 (the last 8.8) was 1997/10/24. If you're really running an 8.8, most likely it isn't working because your canned exploit only has offsets for releases people are actually likely to be running (like 8.11.X and 8.12.(Y<8).) Of course, if you're still running 8.8, there's about 3 zillion OTHER issues you could exploit instead....
Attachment:
pgpLYHHJaC4r3.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/