[9477] in bugtraq
Re: ISS Internet Scanner Cannot be relied upon for conclusive
daemon@ATHENA.MIT.EDU (David LeBlanc)
Thu Feb 11 15:34:04 1999
Date: Wed, 10 Feb 1999 10:26:39 -0500
Reply-To: David LeBlanc <dleblanc@MINDSPRING.COM>
From: David LeBlanc <dleblanc@MINDSPRING.COM>
X-To: Casper Dik <casper@holland.Sun.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <199902092202.XAA15645@romulus>
At 11:02 PM 2/9/99 +0100, Casper Dik wrote:
>
>>Consider another interesting case - there are several sendmail exploits
>>(circa 8.6) which require hardware and platform-specific eggs. We
>>obviously would have a hard time actually implementing these, and it would
>>be very difficult to make it reliable - so we do a banner check.
>
>Why do you need an egg? Just stuffing too much data down
>sendmail's throat will make it crash. Connection closed - has bug.

If we do that, then it won't be around to check for other things. It could
be done last, but at this point, if we find a sendmail that old, you just
need to either shut it down or update it. Perhaps a better example would
be exploits which require local access (also a number of these in that time
frame) - it would then require some sort of shell to really exploit, which
isn't practical for a network scanner.

David LeBlanc
dleblanc@mindspring.com
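
A banner check of the kind the message describes, as an added example that is not part of the original post and not ISS's code: it reads only the SMTP greeting, so the daemon stays up for the remaining checks, and it reports an inconclusive result when the greeting carries no version. The 8.6 cutoff, the function names and the sample greetings are assumptions constructed for illustration.

```python
import re

# Assumed cutoff: the post speaks of exploits "circa 8.6", so a Sendmail
# that reports 8.6.x or older is flagged for shutdown or upgrade.
CUTOFF = (8, 6)

# Matches "Sendmail 8.6.12/8.6.12" style version strings in a greeting.
VERSION_RE = re.compile(r"\bSendmail\s+(\d+(?:\.\d+)+)", re.IGNORECASE)

# Constructed sample greetings (not captured from real hosts).
SAMPLE_OLD = b"220 mail.example.com Sendmail 8.6.12/8.6.12 ready at Wed, 10 Feb 1999\r\n"
SAMPLE_NEW = (b"220-mail.example.com ESMTP Sendmail 8.9.3/8.9.3; Wed, 10 Feb 1999\r\n"
              b"220 ESMTP spoken here\r\n")
SAMPLE_EDITED = b"220 mail.example.com ESMTP ready\r\n"


def greeting_text(raw: bytes) -> str:
    """Join the text of a single-line or multi-line 220 greeting."""
    parts = []
    for line in raw.decode("latin-1").splitlines():
        # SMTP reply lines: "220-text" continues, "220 text" ends the reply.
        if len(line) >= 4 and line[:3] == "220" and line[3] in "- ":
            parts.append(line[4:])
            if line[3] == " ":
                break
    return " ".join(parts)


def check_banner(raw: bytes) -> str:
    """Classify a greeting as 'flag', 'no-finding' or 'inconclusive'."""
    match = VERSION_RE.search(greeting_text(raw))
    if not match:
        # The banner is admin-configurable, so a missing version proves nothing.
        return "inconclusive"
    version = tuple(int(part) for part in match.group(1).split("."))
    # 'no-finding' only means the reported version is newer than the cutoff;
    # the banner itself may have been edited.
    return "flag" if version[:2] <= CUTOFF else "no-finding"


if __name__ == "__main__":
    for name, raw in [("old", SAMPLE_OLD), ("new", SAMPLE_NEW), ("edited", SAMPLE_EDITED)]:
        print(name, check_banner(raw))
```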