lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: kluge at fujitsu.com.au (Steffen Kluge) Subject: Interscan - path disclosure - WAS:SpamAssasin - path disclosure On Mon, 2003-08-25 at 11:16, morning_wood wrote: > Trend Interscan Viruswall has a path disclosure issue I wouldn't exactly call that a disclosure. It is commonly known that /etc/iscan is the directory in which Trend Interscan lives by default, and yes, /etc/iscan/virus is where it quarantines viruses. What would be the point of obscuring this "information"? Kinda like disclosing that the password file lives in /etc on many Unix boxes... > So these products are often used in conjuntion with each other? > Trend Interscan Viruswall and Spamassasin run on the same box and > combining thier output? They are both often used as plug-ins to an MTA (like postfix, qmail or sendmail), or via some MTA middle-ware (like amavis). Hence, they share the logging facility of the MTA or the middle-ware. Cheers Steffen. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030825/14cd264e/attachment.bin
Powered by blists - more mailing lists