> From Nessus:
>
> The remote SMTP server did not complain when issued the
> command :
> MAIL FROM: root@this_host
> RCPT TO: |testing
This is a test against a known sendmail vulnerability, not SMTP
servers in general.
> The remote SMTP server did not complain when issued the
> command :
> MAIL FROM: root@this_host
> RCPT TO: /tmp/nessus_test
This is a test against a known sendmail vulnerability, not SMTP
servers in general.
> The remote SMTP server did not complain when issued the
> command :
> MAIL FROM: |testing
This is a test against a known sendmail vulnerability, not SMTP
servers in general.
> There seem to be a buffer overflow in the remote SMTP server
> when the server is issued a too long argument to the 'MAIL FROM'
> command, like :
>
> MAIL FROM: AAA[...][EMAIL PROTECTED]
>
> Where AAA[...]AAA contains more than 8000 'A's.
This looks like a test against a known sendmail vulnerability; it's
not a generic SMTP problem.
It appears that Nessus need to get much more specific in the
description of their test results and perhaps much more general in
their tests. It looks like they've combined the security problems of
sendmail and NTMail and labelled it with the more general SMTP term.
Nothing wrong with them having a test, but creating so many false
alarms without explanatory comments is not so good. Furthermore, their
test *could* notice the qmail banner and add a descriptive entry along
the lines of: "You appear to be running qmail, if so, this warning
does not apply".
I guess they'd get tired of adding that to the end of every message
though :>
Regards.
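
The banner check suggested in the message above, sketched as an added example; it is not part of the original post and is not Nessus code. The check ids, banner patterns and sample greetings are assumptions constructed for illustration.

```python
import re

# The four checks quoted in the post, under hypothetical ids. Per the reply
# they all test for sendmail-specific flaws.
CHECKS = {
    "rcpt_pipe": "RCPT TO: |testing accepted",
    "rcpt_file": "RCPT TO: /tmp/nessus_test accepted",
    "mail_from_pipe": "MAIL FROM: |testing accepted",
    "mail_from_long": "over-long MAIL FROM argument",
}
AFFECTED = "sendmail"
# Assumed banner patterns; greetings are admin-editable, so a match is a hint.
MTA_PATTERNS = [("sendmail", re.compile(r"\bsendmail\b", re.I)),
                ("qmail", re.compile(r"\bqmail\b", re.I))]
# Constructed sample greetings (not captured from real hosts).
SENDMAIL = "220 mx.example.org ESMTP Sendmail; ready"
QMAIL = "220-mail.example.org\r\n220 ESMTP qmail"
BARE = "220 mail.example.org ESMTP"

def parse_greeting(raw):
    """Join the text of a possibly multi-line 220 greeting; '' if malformed."""
    parts = []
    for line in raw.splitlines():
        m = re.match(r"220([ -])(.*)$", line)
        if not m:
            return ""
        parts.append(m.group(2).strip())
        if m.group(1) == " ":  # "220 " (space) marks the last greeting line
            break
    return " ".join(parts)

def identify_mta(raw):
    text = parse_greeting(raw)
    for name, pattern in MTA_PATTERNS:
        if pattern.search(text):
            return name
    return "unknown"

def annotate(check_id, raw_banner):
    """Return the finding text with a banner-based applicability note."""
    finding, mta = CHECKS[check_id], identify_mta(raw_banner)
    if mta == AFFECTED:
        return f"{finding}: banner reports {mta}, check version and patches"
    if mta == "unknown":
        return f"{finding}: MTA not identified, {AFFECTED}-specific test, confirm manually"
    return f"{finding}: you appear to be running {mta}, if so, this warning does not apply"

if __name__ == "__main__":
    for banner in (SENDMAIL, QMAIL, BARE):
        print(annotate("rcpt_pipe", banner))
```

The finding is annotated rather than dropped, because a greeting can be edited or may not name the software at all.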