Bugtraq mailing list archives
Re: ISS Internet Scanner Cannot be relied upon for conclusive
From: dleblanc () MINDSPRING COM (David LeBlanc)
Date: Wed, 10 Feb 1999 10:26:39 -0500
At 11:02 PM 2/9/99 +0100, Casper Dik wrote:
Consider another interesting case - there are several sendmail exploits (circa 8.6) which require hardware and platform-specific eggs. We obviously would have a hard time actually implementing these, and it would be very difficult to make it reliable - so we do a banner check.Why do you need an egg? Just stuffing down too much data down sendmail's throat will make it crash. Connection closed - has bug.
If we do that, then it won't be around to check for other things. It could be done last, but at this point, if we find a sendmail that old, you just need to either shut it down or update it. Perhaps a better example would be exploits which require local access (also a number of these in that time frame) - it would then require some sort of shell to really exploit, which isn't practical for a network scanner. David LeBlanc dleblanc () mindspring com
Current thread:
- Re: ISS Internet Scanner Cannot be relied upon for conclusive, (continued)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Darren Reed (Feb 10)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 10)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Darren Reed (Feb 12)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Darren Reed (Feb 10)
- NetApp Filer software versions 5.x: potential hardware killer Jason Downs (Feb 10)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 09)
- Netect Advisory: palmetto.ftpd - remote root overflow Jordan Ritter (Feb 09)
- Re: Netect Advisory: palmetto.ftpd - remote root overflow bugtraq mailing list account (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Mr. joej (Feb 08)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Casper Dik (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 10)
- sl0scan (ambiguous source portscanner) miff (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Darren Reed (Feb 10)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Joel Eriksson (Feb 12)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Randy Taylor (Feb 10)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Joel Eriksson (Feb 12)
- More Comments: Security Scanners. Craig H. Rowland (Feb 12)