Re: patch to explain sendmail_ nasl

From: Erik Parker (erik.parkerat_private)
Date: Mon Mar 03 2003 - 15:11:54 PST

Next message: Erik Parker: "Re: matching the sendmail version"

Previous message: Steven Procter: "matching the sendmail version"
In reply to: Michael Scheidell: "patch to explain sendmail_ nasl"
Next in thread: Renaud Deraison: "Re: patch to explain sendmail_ nasl"
Reply: Renaud Deraison: "Re: patch to explain sendmail_ nasl"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> , this nasl is going to get patched several times, and while we
> are doing that, I hope that we can add this verbage to it (attached)
> 
> It explains that if you patch sendmail, or run this nasl against a patched
> sendmail, you will get a false positive.

yah. ahem, freebsd. ahem.

Also, it falses on most hosts, due to sendmail keeping the version in 
sendmail.cf as well as the actual version. Most people upgrading don't 
build a new cf.. just ./Build ; make install

We were looking into writing a regex to try and break those up and only 
read until it encountere a / after a verified version number syntax... but 
not enough time in the day right now.




--        
Erik Parker, CISSP
Digital Defense, Inc.
1711 Citadel Plaza
San Antonio, Texas 78209
210.822.2645

Next message: Erik Parker: "Re: matching the sendmail version"
Previous message: Steven Procter: "matching the sendmail version"
In reply to: Michael Scheidell: "patch to explain sendmail_ nasl"
Next in thread: Renaud Deraison: "Re: patch to explain sendmail_ nasl"
Reply: Renaud Deraison: "Re: patch to explain sendmail_ nasl"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Mar 03 2003 - 15:15:06 PST