Bugtraq mailing list archives

Re: ISS Internet Scanner Cannot be relied upon for conclusive


From: dleblanc () MINDSPRING COM (David LeBlanc)
Date: Wed, 10 Feb 1999 10:26:39 -0500


At 11:02 PM 2/9/99 +0100, Casper Dik wrote:

>> Consider another interesting case - there are several sendmail exploits
>> (circa 8.6) which require hardware and platform-specific eggs.  We
>> obviously would have a hard time actually implementing these, and it would
>> be very difficult to make it reliable - so we do a banner check.
>
> Why do you need an egg?  Just stuffing down too much data down
> sendmail's throat will make it crash.  Connection closed - has bug.

If we do that, then it won't be around to check for other things.  It could
be done last, but at this point, if we find a sendmail that old, you just
need to either shut it down or update it.  Perhaps a better example would
be exploits which require local access (also a number of these in that time
frame) - it would then require some sort of shell to really exploit, which
isn't practical for a network scanner.


David LeBlanc
dleblanc () mindspring com
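
The non-intrusive banner check discussed in this message, as an added example that is not part of the original post and not ISS code. The sample greetings are constructed, and the 8.6 threshold is an assumption taken from the post's "circa 8.6"; the result is labelled as a banner inference because a greeting can be edited or hidden.

```python
import re

# Constructed sample greetings (not captured from real hosts).
SAMPLE_BANNERS = [
    "220 mail.example.com ESMTP Sendmail 8.6.12/8.6.12; Wed, 10 Feb 1999 10:26:39 -0500",
    "220-relay.example.com ESMTP Sendmail 8.9.2/8.9.2 ready\r\n220 ESMTP spoken here",
    "220 mx.example.com ESMTP ready",
]

# Assumed threshold: the post only says "circa 8.6", so 8.6.x and older are flagged.
FLAG_AT_OR_BELOW = (8, 6)

_VERSION = re.compile(r"\bSendmail\s+(\d+(?:\.\d+)+)", re.IGNORECASE)


def parse_greeting(raw):
    """Join the text of all 220 greeting lines; None if this is not a 220 reply."""
    texts = []
    for line in raw.splitlines():
        m = re.match(r"220([ -])(.*)", line)  # "220-" continues, "220 " ends the reply
        if not m:
            return None
        texts.append(m.group(2))
    return " ".join(texts) if texts else None


def classify(raw):
    """Classify a greeting passively: nothing is sent, so the service keeps running."""
    text = parse_greeting(raw)
    if text is None:
        return ("not-smtp-greeting", None)
    m = _VERSION.search(text)
    if not m:
        # Banner hidden or not sendmail: a banner check cannot decide either way.
        return ("unknown", None)
    version = tuple(int(p) for p in m.group(1).split("."))
    status = "flagged-by-banner" if version[:2] <= FLAG_AT_OR_BELOW else "not-flagged"
    return (status, version)


if __name__ == "__main__":
    for banner in SAMPLE_BANNERS:
        print(classify(banner), "<-", banner.splitlines()[0])
```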