RE: [Full-disclosure] sendmail exploit

2005-05-11 Thread Lauro, John 
Redhat typically patches items such as sendmail without changing the
version number ("rpm -q sedmail" to get the full redhat version).  So,
many of the exploits for 8.8 probably are not there, assuming the
system was kept up2date while RedHat supported 6.2...  Of course,
RedHat hasn't supported 6.2 for a long time now, so some issues are
likely unpatched...


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of migalo
digalo
Sent: Wednesday, May 11, 2005 7:23 AM
To: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] sendmail exploit

> Of course, if you're still running 8.8, there's about 3 zillion
OTHER issues
> you  could exploit instead
> 
> 
> 
i think it's really a 8.8 (redhat6.2) and not a honeypot or thing like
that ,if that waht you mean,and yes nessus give other critical warning
about apache 1.3.12 ,the snag is there is no working exploit for thus
vulerabilities (or at least i can't found any)and i have no time to
make one by my self.
so Valdis can you give me some examples of " about 3 zillion OTHER
issues you  could exploit instead".
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] sendmail exploit

2005-05-11 Thread Andrew Simmons 
Hi Migalo,
migalo digalo wrote:
Of course, if you're still running 8.8, there's about 3 zillion OTHER issues
you  could exploit instead
i think it's really a 8.8 (redhat6.2) and not a honeypot or thing like
that ,if that waht you mean,and yes nessus give other critical warning
about apache 1.3.12 ,the snag is there is no working exploit for thus
vulerabilities (or at least i can't found any)and i have no time to
make one by my self.
so Valdis can you give me some examples of " about 3 zillion OTHER
issues you  could exploit instead".
>
A good start would be:
http://www.cve.mitre.org/cgi-bin/cvekey.cgi?keyword=sendmail
http://www.securityfocus.com/bid/keyword/ (search for sendmail)
You'll have to review each vuln listed to see whether it affects your 
version.

cheers
Andrew
Speaking for myself only
--
Andrew Simmons
Technical Security Consultant
MessageLabs
[EMAIL PROTECTED]
 www.messagelabs.com
MessageLabs - Be certain
__
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
__
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] sendmail exploit

2005-05-11 Thread Ralph Angenendt 
migalo digalo wrote:
> > Of course, if you're still running 8.8, there's about 3 zillion OTHER issues
> > you  could exploit instead
> > 
> > 
> i think it's really a 8.8 (redhat6.2) and not a honeypot or thing like
> that ,

No. If it's a RH 6.2 box, the sendmail version is 8.11.6.

Ralph


pgp7hguc7SzBX.pgp
Description: PGP signature
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] sendmail exploit

2005-05-11 Thread migalo digalo 
> Of course, if you're still running 8.8, there's about 3 zillion OTHER issues
> you  could exploit instead
> 
> 
> 
i think it's really a 8.8 (redhat6.2) and not a honeypot or thing like
that ,if that waht you mean,and yes nessus give other critical warning
about apache 1.3.12 ,the snag is there is no working exploit for thus
vulerabilities (or at least i can't found any)and i have no time to
make one by my self.
so Valdis can you give me some examples of " about 3 zillion OTHER
issues you  could exploit instead".
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] sendmail exploit

2005-05-10 Thread Valdis . Kletnieks 
On Tue, 10 May 2005 14:50:21 PDT, migalo digalo said:

> have ,and  nessus show me same 'Critical' vulnerabilities:
> sendmail 8.8 
> (http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950)

Hint: First figure out why Nessus claimed it saw a Sendmail 8.8 - because
that's well and truly crufty.  8.8.0 came out 1996/09/26, and 8.8.8 (the last
8.8) was 1997/10/24.

If you're really running an 8.8, most likely it isn't working because your
canned exploit only has offsets for releases people are actually likely to be
running (like 8.11.X and 8.12.(Y<8).)

Of course, if you're still running 8.8, there's about 3 zillion OTHER issues
you  could exploit instead



pgpvF5lrxKACy.pgp
Description: PGP signature
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] sendmail exploit

2005-05-10 Thread pingywon 
Thank to you for tell us.

~pingywon


- Original Message - 
From: "migalo digalo" <[EMAIL PROTECTED]>
To: 
Sent: Tuesday, May 10, 2005 5:50 PM
Subject: [Full-disclosure] sendmail exploit


hi all;

this my first post in this mailing list;so please ...

i am doing same pen-tests ,to apply the bit of theorical knowledge i
have ,and  nessus show me same 'Critical' vulnerabilities:
sendmail 8.8
(http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950)
and php older than 3.0.17 and apache olther than 2.0.x all this in
linux boxes.so i googled to get same exploits ,that WORK ,but without
any succes.
can any one  help.

excuse my poor englisch ;
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/