Penetration Testing mailing list archives
Re: [PEN-TEST] Debug command on Sendmail
From: Max Vision <vision () WHITEHATS COM>
Date: Wed, 13 Sep 2000 10:38:50 -0700
On Tue, 12 Sep 2000, DonSata (ZekSata) wrote:
I have bumped several times into the DEBUG COMMAND exploit for Sendmail. I get this using nessus scanner. Like with all other vulnerabilities, I try to find the way to make it work, without using any kind of scripts. (Remember... my goal here is to learn... not actually the succesfull penetration of a system.) The only information I get about this vulnerability is the one at www.nessus.org home page and the one in here: www.cert.org//advisories/CA-93.14.Internet.Security.Scanner.html
This affects extremely old versions of sendmail (versions before 5.59 according to securityfocus, before 5.65 according to other CERT, I don't remember when it was fixed). You can read more about it and download an exploit script from securityfocus. http://www.securityfocus.com/bid/1 Note that some MTA respond to the debug command with "200 Debug set -NOT!", which could fool the Nessus check into giving a false positive: if(("200 debug set" >< r))security_hole(port); Max
Current thread:
- [PEN-TEST] Have SQL admin account and password... now what? Loschiavo, Dave (Sep 12)
- Re: [PEN-TEST] Have SQL admin account and password... now what? Andrew Cogger (Sep 12)
- Re: [PEN-TEST] Have SQL admin account and password... now what? Vitaly McLain (Sep 12)
- [PEN-TEST] Debug command on Sendmail DonSata (ZekSata) (Sep 13)
- Re: [PEN-TEST] Debug command on Sendmail Max Vision (Sep 13)