Re: Vulnerabilities found by Nessus
On Tue, Oct 15, 2002 at 01:33:38PM +0200, Kjetil Kjernsmo wrote:
> Hi everybody!
>
> Now, I have finally configured all the security features that I wanted,
(...)
>
> Well, I don't know if I should be alarmed, I guess the whole reason for
> running nessus is to be alarmed, so I am... :-) And it seems it found
> these holes to be real (as opposed to a Qpopper hole it also reported,
> but that was based on the version number only, and I guess the patch
> there hsa been backported), so I'm seeking advice on what to do with
> this....
>
Try to reproduce this behavior. You can launch the attacks
manually using 'nasl name-of-the-script' and trace the mail server to see
if it really breaks. If it does: report upstream, if it doesn't then it's
a bug in the plugin: report to the nessus development team.
Regards
Javi
Reply to: