Full Disclosure mailing list archives
Re: Interscan - path disclosure - WAS:SpamAssasin - path disclosure
From: Steffen Kluge <kluge () fujitsu com au>
Date: Mon, 25 Aug 2003 12:25:31 +1000
On Mon, 2003-08-25 at 11:16, morning_wood wrote:
Trend Interscan Viruswall has a path disclosure issue
I wouldn't exactly call that a disclosure. It is commonly known that /etc/iscan is the directory in which Trend Interscan lives by default, and yes, /etc/iscan/virus is where it quarantines viruses. What would be the point of obscuring this "information"? Kinda like disclosing that the password file lives in /etc on many Unix boxes...
So these products are often used in conjuntion with each other? Trend Interscan Viruswall and Spamassasin run on the same box and combining thier output?
They are both often used as plug-ins to an MTA (like postfix, qmail or sendmail), or via some MTA middle-ware (like amavis). Hence, they share the logging facility of the MTA or the middle-ware. Cheers Steffen.
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- SpamAssasin - path disclosure morning_wood (Aug 24)
- Re: SpamAssasin - path disclosure Evert Jan van Ramselaar (Aug 24)
- <Possible follow-ups>
- RE: SpamAssasin - path disclosure Kane Lightowler (Aug 24)
- Re: SpamAssasin - path disclosure morning_wood (Aug 24)
- RE: SpamAssasin - path disclosure ViLLaN (Aug 24)
- Re: SpamAssasin - path disclosure morning_wood (Aug 24)
- RE: SpamAssasin - path disclosure ViLLaN (Aug 24)
- Interscan - path disclosure - WAS:SpamAssasin - path disclosure morning_wood (Aug 24)
- Re: Interscan - path disclosure - WAS:SpamAssasin - path disclosure Steffen Kluge (Aug 24)
- RE: Interscan - path disclosure - WAS:SpamAssasin - path disclosure Bojan Zdrnja (Aug 24)
- Re: SpamAssasin - path disclosure morning_wood (Aug 24)
- Re: SpamAssasin - path disclosure Valdis . Kletnieks (Aug 27)
- Re: SpamAssasin - path disclosure morning_wood (Aug 24)