Re: patch to explain sendmail_ nasl

From: Renaud Deraison (deraisonat_private)
Date: Mon Mar 03 2003 - 15:33:08 PST

Next message: Michel Arboi: "Old vulnerabilities..."

Previous message: H D Moore: "Re: matching the sendmail version"
In reply to: Erik Parker: "Re: patch to explain sendmail_ nasl"
Next in thread: Michael Scheidell: "Re: patch to explain sendmail_ nasl"
Reply: Michael Scheidell: "Re: patch to explain sendmail_ nasl"
Reply: Michael Scheidell: "Re: patch to explain sendmail_ nasl"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Mar 03, 2003 at 05:11:54PM -0600, Erik Parker wrote:
> > , this nasl is going to get patched several times, and while we
> > are doing that, I hope that we can add this verbage to it (attached)
> > 
> > It explains that if you patch sendmail, or run this nasl against a patched
> > sendmail, you will get a false positive.
> 
> yah. ahem, freebsd. ahem.
> 
> Also, it falses on most hosts, due to sendmail keeping the version in 
> sendmail.cf as well as the actual version. Most people upgrading don't 
> build a new cf.. just ./Build ; make install
> 
> We were looking into writing a regex to try and break those up and only 
> read until it encountere a / after a verified version number syntax... but 
> not enough time in the day right now.

And that kind of thing happen. If the amount of false positives
eventually convince people to switch to Postfix, that will be a good
thing in the end :)

				-- Renaud

Next message: Michel Arboi: "Old vulnerabilities..."
Previous message: H D Moore: "Re: matching the sendmail version"
In reply to: Erik Parker: "Re: patch to explain sendmail_ nasl"
Next in thread: Michael Scheidell: "Re: patch to explain sendmail_ nasl"
Reply: Michael Scheidell: "Re: patch to explain sendmail_ nasl"
Reply: Michael Scheidell: "Re: patch to explain sendmail_ nasl"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Mar 03 2003 - 15:32:47 PST