sendmail_redirection.nasl is incorrectly reporting that a system is vulnerable when I've manually tested it and it is clearly not. I've tracked down the problem to sendmail_redirection.nasl (or possibly smtp_func.inc ?) not reading the banner send my the server correctly since the first read of the socket after calling smtp_recv_banner() is actually returning the banner, and not the response to the HELO command. Beyond that I've made little progress as to where the bug is and how to fix it, so I'd appriciate some help on tracking this down. I've looked at the code in sendmail_redirection and smtp_func but can't see any obvious error. The output of the SMTP service in question is 220 hostname ESMTP Sendmail 8.11.6/8.11.6; Wed, 17 Sep 2003 12:45:05 +0100 HELO foo.com 250 hostname Hello [xxx.xxx.xxx.xxx], pleased to meet you quit 221 2.0.0 foo.com closing connection James
This archive was generated by hypermail 2b30 : Wed Sep 17 2003 - 05:08:05 PDT