Hi everybody,

I have the following problem. I installed a box with SuSE 7.2, updated all packages and then checked the security of the server with Nessus.

The result of the scan is that Nessus could crash sendmail because of a HELO command with a long argument. Is there a way to prevent this, or is this a problem of the installed SuSE rpm sendmail-8.11.3-68.rpm?

Thanks for your help
Have a nice evening
Konrad

On Thu, Jul 04, 2002 at 06:41:11PM +0200, Konrad Klein wrote:
> Hi everybody,
>
> I have the following problem. I installed a box with SuSE 7.2, updated all packages and then checked the security of the server with Nessus.
>
> The result of the scan is that Nessus could crash sendmail because of a HELO command with a long argument. Is there a way to prevent this, or is this a problem of the installed SuSE rpm sendmail-8.11.3-68.rpm?

Exactly what happened? Did you confirm it crashed, or did it just exit? What is the domain name nessus used in the HELO command?

I tried with "aaaaa.." and all I got was "501 5.0.0 Invalid domain name".

Olaf
--
Olaf Kirch     |  Anyone who has had to work with X.509 has probably
okir@suse.de   |  experienced what can best be described as
---------------+  ISO water torture. -- Peter Gutmann

On Thursday 04 July 2002 18:41, you wrote:
> Hi everybody,
>
> I have the following problem. I installed a box with SuSE 7.2, updated all packages and then checked the security of the server with Nessus.
>
> The result of the scan is that Nessus could crash sendmail because of a HELO command with a long argument. Is there a way to prevent this, or is this a problem of the installed SuSE rpm sendmail-8.11.3-68.rpm?

I have a similar, if not identical, box here but I cannot reproduce that. At least up to the char limit 'telnet localhost 25' imposes... (>3800?)

Maarten

--
This email has been scanned for the presence of computer viruses.

Maarten J. H. van den Berg ~~//~~ network administrator
VBVB - Amsterdam - The Netherlands - http://vbvb.nl
T +31204233288 F +31204233286 G +31651994273

Hi Olaf,

I did this scan once again and discovered that this was a false positive. Nessus produces so much load for sendmail that it closed its ports for a minute or so. So Nessus thought it had killed the service.

It's my fault that I didn't have enough patience to wait a little longer, and that I only had a quick look in /var/log/messages but not in warn. I'm really sorry.

Have a nice evening
Konrad