List: saint-users
Subject: Re: Sendmail vulnerability / export?
From: Sven Reimers <reimers () tu-harburg ! de>
Date: 2000-01-25 10:41:30
Thank you very much for your detailed description. All questions (so far) answered.

Again, thanks.

Sven

Sam Kline wrote:
> > Make sure the Sendmail command EXPN is off
> > Make sure the Sendmail command VRFY is off
> > Sendmail uses EHLO, so server can use ESMTP
>
> SAINT does these checks by sending a
> "HELP" command to the smtp port on the
> target machine, and seeing whether EXPN,
> VRFY, and EHLO are recognized commands.
> Since this method doesn't indicate whether
> or not these commands are actually permitted,
> you will continue to see a "brown" vulnerability
> even after applying the fixes. (In general,
> "brown" vulnerabilities are those which cannot
> be confirmed by a network scan.) This
> check might be re-coded in a future version of
> SAINT to better check for these vulnerabilities.
>
> >
> > Exports xxxxx to everyone .
> >
> Are you running SAINT from one of the
> hosts which is allowed to mount xxxxx?
> If so, that's why you are getting the false
> alarm. Try running SAINT in "trusted host"
> mode. This can be done either from
> the Configuration Management form, or
> by setting $untrusted_host = 0 in saint.cf,
> or with the -U command line option.
>
> Sam Kline
> Information Security Specialist
> World Wide Digital Security, Inc.
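
The difference between a command being listed in HELP output and a command being permitted, as an added example that is not part of the original messages and is not SAINT's code. The sample replies are constructed, the function names are hypothetical, and the reply-code mapping is an assumption based on RFC 5321 reply-code meanings.

```python
import re

# Constructed sample replies for illustration (not captured from a real host).
HELP_REPLY = (
    "214-Topics:\r\n"
    "214-    HELO    EHLO    MAIL    RCPT    DATA\r\n"
    "214-    RSET    NOOP    QUIT    HELP    VRFY\r\n"
    "214-    EXPN    VERB    ETRN    DSN\r\n"
    "214 End of HELP info\r\n"
)
PROBE_REPLIES = {
    "VRFY": "252 2.5.2 Cannot VRFY user; try RCPT to attempt delivery\r\n",
    "EXPN": "502 5.7.0 Sorry, we do not allow this operation\r\n",
}

# Assumed mapping from RFC 5321 reply-code meanings; individual servers may differ.
ANSWERED = {"250", "251", "550", "551", "553"}  # server processed the query
REFUSED = {"252", "500", "502"}                 # declined or not implemented


def help_lists(help_reply):
    """Commands of interest that the HELP text mentions (case-insensitive)."""
    words = set(re.findall(r"[A-Z]+", help_reply.upper()))
    return {"EXPN", "VRFY", "EHLO"} & words


def final_code(reply):
    """Three-digit code on the last line of a (possibly multi-line) reply."""
    lines = [line for line in reply.splitlines() if line.strip()]
    match = re.match(r"(\d{3})(?: |$)", lines[-1]) if lines else None
    return match.group(1) if match else None


def assess(help_reply, probe_replies):
    """Classify VRFY/EXPN; HELP text alone never yields a confirmed result."""
    listed = help_lists(help_reply)
    result = {}
    for cmd in ("VRFY", "EXPN"):
        code = final_code(probe_replies.get(cmd, ""))
        if code in ANSWERED:
            result[cmd] = "enabled"
        elif code in REFUSED:
            result[cmd] = "disabled"
        elif cmd in listed:
            result[cmd] = "unconfirmed"  # listed in HELP, status unknown
        else:
            result[cmd] = "not listed"
    return result
```

With only the HELP text, both commands come back "unconfirmed" even on a server where they have been turned off, which matches the "brown" result described in the reply.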