Bugtraq mailing list archives
Re: Cisco PIX Firewall (smtp content filtering hack) - Version 4.2(1) not exploitable
From: Leandro Dardini <ldardini () USL4 TOSCANA IT>
Date: Wed, 20 Sep 2000 09:49:03 +0200
I test my (old) pix box running 4.2(1) and it is not exploitable. When I try to not complete my smtp session, issuing a "data" command before rcpt, I receive a 503 Need RCPT (recipient) message. I test other permutation of helo, mail, rcpt, data command but all fails. Leandro ----- Original Message ----- From: naif <naif () INET IT> To: <BUGTRAQ () SECURITYFOCUS COM> Sent: Tuesday, September 19, 2000 6:27 PM Subject: Cisco PIX Firewall (smtp content filtering hack)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 How to escape "fixup smtp" of Cisco Pix Firewall: The Cisco Pix Firewall normally restrict some protocol
command(http,ftp,smtp) and manage
multisession protocol(h323, ftp,sqlnet) . I made some test on a BSDI3.0 running sendmail9 placed in the dmz . The Pix version it's the latest, 5.2(1)... here the output of "show ver" ===================================================== Cisco Secure PIX Firewall Version 5.2(1)
Current thread:
- Cisco PIX Firewall (smtp content filtering hack) naif (Sep 19)
- Re: Cisco PIX Firewall (smtp content filtering hack) Lisa Napier (Sep 20)
- Re: Cisco PIX Firewall (smtp content filtering hack) Jeffrey W. Baker (Sep 21)
- Re: Cisco PIX Firewall (smtp content filtering hack) Deus, Attonbitus (Sep 21)
- Re: Cisco PIX Firewall (smtp content filtering hack) Signal 11 (Sep 22)
- Re: Cisco PIX Firewall (smtp content filtering hack) Jeffrey W. Baker (Sep 21)
- Re: Cisco PIX Firewall (smtp content filtering hack) - Version 4.2(1) not exploitable Leandro Dardini (Sep 20)
- Re: Cisco PIX Firewall (smtp content filtering hack) - Version 4.2(1) not exploitable Fabio Pietrosanti (naif) (Sep 20)
- Re: Cisco PIX Firewall (smtp content filtering hack) Ioannis Migadakis (Sep 21)
- Re: Cisco PIX Firewall (smtp content filtering hack) Lisa Napier (Sep 20)