Re: Security Check generated by AXENT Netrecom 3.0 points security flaw in qmail-smtpd

2001-08-14 Thread Henning Brauer

On Tue, Aug 14, 2001 at 08:59:47AM -0300, Agnaldo M. Monteiro wrote:
> SMTP allows remote command execution via recipient filter.

As you didn't show us the SMTP transaction we can only guess what's meant.
My guess is for RCPT TO: |/path/to/anything or something like that. This is
no risk in qmail. A false positive once more.

-- 
* Henning Brauer, [EMAIL PROTECTED], http://www.bsws.de *
* Roedingsmarkt 14, 20459 Hamburg, Germany   *
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)



Re: Security Check generated by AXENT Netrecom 3.0 points security flaw in qmail-smtpd

2001-08-14 Thread Gabriel Ambuehl


Hello Agnaldo,

Tuesday, August 14, 2001, 1:59:47 PM, you wrote:
> Questions: Anybody know anything about this? Where can I get
> additional information about this? This Results checks is True or
> false?

Someone should PLEASE correct me if I'm wrong but my experience with
Nessus checking our qmail servers has been pretty similar because qmail
won't complain about broken To headers but simply ignore them so there
isn't anything that this exploit could do to your server.




Best regards,
 Gabriel

