Looking at the source code, then plugin works by connecting and doing an attack, then trying to connect again. If the second connect fails to get an SMTP banner, it infers that the service has crashed and raises the vulnerability. The problem with this type of plugin is that the connect might fail for some legitimate reason, e.g. the server limits connections per second per IP address.
To check manually, run the plugin, and then try connecting to the SMTP port by hand from a different machine. If that shows the service to be dead, you have a real vulnerability.
Paul
Always Bishan wrote:
Hi
You probably enabled "Safe Checks" which does notDomino >version number it
actually perform the DoS
but just reports the vulnerability based on the
found. Try disabling "Safe Checks" and see if itfreezes >your machine
I did the scanning with "Safe Checks" disabled and there is no Domino server on the remote machine, but a microsoft esmtp server.
Any clues?
Regards, Bishan
________________________________________________________________________ Want to chat instantly with your online friends? Get the FREE Yahoo! Messenger http://uk.messenger.yahoo.com/
-- Paul Johnston Internet Security Specialist Westpoint Limited Albion Wharf, 19 Albion Street, Manchester, M1 5LN England Tel: +44 (0)161 237 1028 Fax: +44 (0)161 237 1031 email: [EMAIL PROTECTED] web: www.westpoint.ltd.uk
