[9482] in bugtraq
Re: ISS Internet Scanner Cannot be relied upon for conclusive
daemon@ATHENA.MIT.EDU (Casper Dik)
Thu Feb 11 18:31:34 1999
Date: Tue, 9 Feb 1999 23:02:39 +0100
Reply-To: Casper Dik <casper@HOLLAND.SUN.COM>
From: Casper Dik <casper@HOLLAND.SUN.COM>
X-To: David LeBlanc <dleblanc@MINDSPRING.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Your message of "Tue, 09 Feb 1999 11:03:53 EST."
<3.0.3.32.19990209110353.00cbd320@mail.mindspring.com>
>Consider another interesting case - there are several sendmail exploits
>(circa 8.6) which require hardware and platform-specific eggs. We
>obviously would have a hard time actually implementing these, and it would
>be very difficult to make it reliable - so we do a banner check.
Why do you need an egg? Just stuffing down too much data down
sendmail's throat will make it crash. Connection closed - has bug.
Casper
