Date: Sat, 15 Aug 1998 10:09:29 +1200 (NZST) From: Andrew McNaughton <andrew@squiz.co.nz> To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> Cc: Satya Palani <satya@longshadows.com>, security@FreeBSD.ORG Subject: Re: Sendmail greeting Message-ID: <Pine.BSF.3.96.980815100555.23685D-100000@aniwa.sky> In-Reply-To: <199808141703.NAA05937@khavrinen.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 14 Aug 1998, Garrett Wollman wrote: > > Of course, the version number is still being broadcast through the > > headers. Take this message, for example: > > That doesn't bother me -- the attacker would have to find mail > messages from me, which were archived without the usual header > stripping. `mscan' doesn't know how to do this -- it might learn how > to exploit future sendmail flaws. While mscan may not do this, it's probably not going to be dificult for a hacker to get your machine to mail a delivery report back to them. Andrew To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980815100555.23685D-100000>