Re: patch to explain sendmail_ nasl

From: Erik Parker (erik.parkerat_private)
Date: Mon Mar 03 2003 - 15:11:54 PST

  • Next message: Erik Parker: "Re: matching the sendmail version"

    > , this nasl is going to get patched several times, and while we
    > are doing that, I hope that we can add this verbage to it (attached)
    > 
    > It explains that if you patch sendmail, or run this nasl against a patched
    > sendmail, you will get a false positive.
    
    yah. ahem, freebsd. ahem.
    
    Also, it falses on most hosts, due to sendmail keeping the version in 
    sendmail.cf as well as the actual version. Most people upgrading don't 
    build a new cf.. just ./Build ; make install
    
    We were looking into writing a regex to try and break those up and only 
    read until it encountere a / after a verified version number syntax... but 
    not enough time in the day right now.
    
    
    
    
    --        
    Erik Parker, CISSP
    Digital Defense, Inc.
    1711 Citadel Plaza
    San Antonio, Texas 78209
    210.822.2645
    



    This archive was generated by hypermail 2b30 : Mon Mar 03 2003 - 15:15:06 PST