| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4C49470270F5AD43A0BDEA0F130C850B6A7BA0@its-emb1.umflint.edu>
Date: Wed May 11 12:45:01 2005
From: jlauro at umflint.edu (Lauro, John)
Subject: sendmail exploit
Redhat typically patches items such as sendmail without changing the
version number ("rpm -q sedmail" to get the full redhat version). So,
many of the exploits for 8.8 probably are not there, assuming the
system was kept up2date while RedHat supported 6.2... Of course,
RedHat hasn't supported 6.2 for a long time now, so some issues are
likely unpatched...
-----Original Message-----
From: full-disclosure-bounces@...ts.grok.org.uk
[mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of migalo
digalo
Sent: Wednesday, May 11, 2005 7:23 AM
To: full-disclosure@...ts.grok.org.uk
Subject: Re: [Full-disclosure] sendmail exploit
> Of course, if you're still running 8.8, there's about 3 zillion
OTHER issues
> you could exploit instead....
>
>
>
i think it's really a 8.8 (redhat6.2) and not a honeypot or thing like
that ,if that waht you mean,and yes nessus give other critical warning
about apache 1.3.12 ,the snag is there is no working exploit for thus
vulerabilities (or at least i can't found any)and i have no time to
make one by my self.
so Valdis can you give me some examples of " about 3 zillion OTHER
issues you could exploit instead....".
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists