Re: ipswitch IMail web interface

From: Javier Fernandez-Sanguino (jfernandezat_private)
Date: Thu Mar 06 2003 - 02:15:55 PST

Next message: Javier Fernandez-Sanguino: "Detecting the sendmail version w/o using the connection banner"

Previous message: Renaud Deraison: "Re: ipswitch IMail web interface"
In reply to: Renaud Deraison: "Re: ipswitch IMail web interface"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Renaud Deraison wrote:
> On Thu, Mar 06, 2003 at 10:52:18AM +0100, Javier Fernandez-Sanguino wrote:
> 
>>serv = egrep(string: banner, pattern: "^Server:.*");
>>if ( "Server:.*Ipswitch-IMail" >< serv ) {
>>   security_warning(port);
>>
>>?
>>Otherwise it seems to me that you are going to get into not reporting 
>>some Ipswith servers with versions like 9.2543 (several years in the 
>>future :-)
> 
> 
> IMail < 7.06 is vulnerable to a flaw, hence the check...
> 
> 
> 				-- Renaud

You are right. I hadn't analyse the plugin properly. It's trying to 
determine if you have Imail <7.06, not reporting that you have the Imail 
web interface accesible (which is a vulnerability by and in itself IMHO).

Sorry for the confusion.

Regards

Javi

Next message: Javier Fernandez-Sanguino: "Detecting the sendmail version w/o using the connection banner"
Previous message: Renaud Deraison: "Re: ipswitch IMail web interface"
In reply to: Renaud Deraison: "Re: ipswitch IMail web interface"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Mar 06 2003 - 02:17:08 PST