[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Re: sendmail exploit

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] Re: sendmail exploit
From: Matt Andreko <mandreko@xxxxxxx>
Date: Thu, 12 May 2005 13:34:54 -0500

Not to sound like a smartass, but there are such things as blind pen-tests...

Dave Korn wrote:

----Original Message----

From: migalo digalo
Message-Id: 433ee3d9050510145060008332@xxxxxxxxxxxxxx

hi all;

this my first post in this mailing list;so please ...

i am doing same pen-tests ,to apply the bit of theorical knowledge i
have ,and  nessus show me same 'Critical' vulnerabilities:
sendmail 8.8


----Original Message----

From: migalo digalo
Message-Id: 433ee3d9050511042222a87a5b@xxxxxxxxxxxxxx

i think it's really a 8.8 (redhat6.2) and not a honeypot or thing like
that


  So can we conclude that the reason why you don't actually know if it's a
honeypot or not because it is not your system and you're actually trying to
break in to it, not "pen-test" it?


    cheers,
      DaveK

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] sendmail exploit
  - From: migalo digalo
- Re: [Full-disclosure] sendmail exploit
  - From: Valdis . Kletnieks
- Re: [Full-disclosure] sendmail exploit
  - From: migalo digalo
- [Full-disclosure] Re: sendmail exploit
  - From: Dave Korn

Prev by Date: [Full-disclosure] DIMVA 2005 - Call for Participation - IT-Security Conference in Vienna, 7-8 July
Next by Date: Re: [Full-disclosure] Where's Slashdot.org???
Previous by thread: [Full-disclosure] Re: sendmail exploit
Next by thread: RE: [Full-disclosure] sendmail exploit
Index(es):
- Date
- Thread