[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

questions about mail

Subject: questions about mail
From: william crockett <email@hidden>
Date: Tue, 29 Apr 2003 17:12:06 -0700

My school district is really concerned about hacking and I guess is running a pretty extensive scan on all servers that are open to the internet. They got these errors.

The remote SMTP server did not complain when issued the command:
Mail From: root@this_hose
Receipt to : /tmp/nessus_test
This probably means that it is possible to send mail directly to files, which is a serious threat, since this allows anyone to overwrite any file on the remote server

And

The remote SMTP server did not complain when issued the command:
Mail From: root@this_hose
Receipt to : testing
This probably means that it is possible to send mail directly to programs, which is a serious threat, since this allows anyone to execute arbitrary commands on this host.

The solution give is to upgrade my MTA or change it.

Any help is appreciated.

Bill Crockett
_______________________________________________
macos-x-server mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/macos-x-server
Do not post admin requests to the list. They will be ignored.

Prev by Date: RE: XServe is quiet
Next by Date: Re: Webmin Dangers on OSX server - Apache?
Previous by thread: Re: Security flaw... kindda!
Next by thread: mounting firewire drive on boot before login?
Index(es):
- Date
- Thread

Home