[16850] in bugtraq


Re: Cisco PIX Firewall (smtp content filtering hack) - Version

daemon@ATHENA.MIT.EDU (Leandro Dardini)
Wed Sep 20 14:35:32 2000

Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id:  <004f01c022d7$3f118640$0b0b0c0a@usl4.toscana.it>
Date:         Wed, 20 Sep 2000 09:49:03 +0200
Reply-To: Leandro Dardini <ldardini@USL4.TOSCANA.IT>
From: Leandro Dardini <ldardini@USL4.TOSCANA.IT>
X-To:         naif <naif@INET.IT>
To: BUGTRAQ@SECURITYFOCUS.COM

I tested my (old) PIX box running 4.2(1) and it is not exploitable.
When I try to not complete my smtp session, issuing a "data" command before
rcpt, I receive a
503 Need RCPT (recipient)
message.
I tested other permutations of the helo, mail, rcpt, data commands but all fail.

Leandro

----- Original Message -----
From: naif <naif@INET.IT>
To: <BUGTRAQ@SECURITYFOCUS.COM>
Sent: Tuesday, September 19, 2000 6:27 PM
Subject: Cisco PIX Firewall (smtp content filtering hack)


> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> How to escape "fixup smtp" of  Cisco Pix Firewall:
>
> The Cisco Pix Firewall normally restricts some protocol commands (http, ftp, smtp)
> and manages multisession protocols (h323, ftp, sqlnet).
> I made some tests on a BSDI3.0 running sendmail9 placed in the dmz.
> The Pix version is the latest, 5.2(1)... here is the output of "show ver"
> =====================================================
> Cisco Secure PIX Firewall Version 5.2(1)
>
