Re: Vulnerabilities found by Nessus

To: Kjetil Kjernsmo <kjetil@kjernsmo.net>
Cc: debian-security@lists.debian.org
Subject: Re: Vulnerabilities found by Nessus
From: Javier Fernández-Sanguino Peña <jfs@computer.org>
Date: Tue, 15 Oct 2002 13:59:57 +0200
Message-id: <[🔎] 20021015115957.GB8539@dat.etsit.upm.es>
In-reply-to: <[🔎] 200210151333.38607.kjetil@kjernsmo.net>
References: <[🔎] 200210151333.38607.kjetil@kjernsmo.net>

On Tue, Oct 15, 2002 at 01:33:38PM +0200, Kjetil Kjernsmo wrote:
> Hi everybody!
> 
> Now, I have finally configured all the security features that I wanted, 
(...)
> 
> Well, I don't know if I should be alarmed, I guess the whole reason for 
> running nessus is to be alarmed, so I am... :-) And it seems it found 
> these holes to be real (as opposed to a Qpopper hole it also reported, 
> but that was based on the version number only, and I guess the patch 
> there hsa been backported), so I'm seeking advice on what to do with 
> this.... 
> 
	Try to reproduce this behavior. You can launch the attacks
manually using 'nasl name-of-the-script' and trace the mail server to see
if it really breaks. If it does: report upstream, if it doesn't then it's
a bug in the plugin: report to the nessus development team.

	Regards

	Javi

Reply to:

Follow-Ups:
- Re: Vulnerabilities found by Nessus
  - From: Kjetil Kjernsmo <kjetil@kjernsmo.net>

References:
- Vulnerabilities found by Nessus
  - From: Kjetil Kjernsmo <kjetil@kjernsmo.net>

Prev by Date: Re: Named daemon and port 32770? (and port 32985 on restart)
Next by Date: Re: Vulnerabilities found by Nessus
Previous by thread: Re: Vulnerabilities found by Nessus
Next by thread: Re: Vulnerabilities found by Nessus
Index(es):
- Date
- Thread