Re: matching the sendmail version

From: Erik Parker (erik.parkerat_private)
Date: Mon Mar 03 2003 - 15:24:40 PST

Next message: H D Moore: "Re: matching the sendmail version"

Previous message: Erik Parker: "Re: patch to explain sendmail_ nasl"
In reply to: Steven Procter: "matching the sendmail version"
Next in thread: H D Moore: "Re: matching the sendmail version"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> if(banner)
> {
>   re_sendmail = "Sendmail[ \t]*(\/|UCB | )([5-7]\.|8\.([0-9](\.|;|$)|1[01]\.|12\.[0-7](\/| |\.|\+)))";
>   re_switch = "Sendmail[ \t]*Switch\-((1\.)|(2\.(0\.|1\.[0-4])))";

This won't work for AIX systems due to "Sendmail AIX4.2/UCB 8.7"  and 
"Sendmail AIX4.2/8.9.3" type of setup..

or metainfo (MetaInfo Sendmail 2.5 Build 2630 (Berkeley 8.8.6)/8.8.4

I don't imagine we can match them all.. and MetaInfo is rare. Is it better 
that we miss something, or better that we false positive? (I bet this has 
been brought up a million times, sorry.. I haven't been reading the list 
much, if this question is in a faq somewhere, lemme know)









--        
Erik Parker, CISSP
Digital Defense, Inc.
1711 Citadel Plaza
San Antonio, Texas 78209
210.822.2645

Next message: H D Moore: "Re: matching the sendmail version"
Previous message: Erik Parker: "Re: patch to explain sendmail_ nasl"
In reply to: Steven Procter: "matching the sendmail version"
Next in thread: H D Moore: "Re: matching the sendmail version"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Mar 03 2003 - 15:27:44 PST