Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1999_1

Bugtraq archives for 1st quarter (Jan-Mar) 1999: Re: Sendmail 8.8.x/8.9.x bugware

Re: Sendmail 8.8.x/8.9.x bugware

Brock Rozen (brozentorah.org)
Mon, 18 Jan 1999 23:10:23 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Kurt Seifried: "Re: Remote Cisco Identification"
Previous message: Dave Pifke: "Another web-based mail reader hole"
In reply to: Michal Zalewski: "Re: Sendmail 8.8.x/8.9.x bugware"
Next in thread: Steve VanDevender: "Re: Sendmail 8.8.x/8.9.x bugware"

On Mon, 18 Jan 1999, Michal Zalewski wrote:

> > 550 <rhialtohacker.some.place.elsevictim.some.where>... Relaying denied
>
> As you noticed, relaying is denied in your configuration ;P This attack is
> possible if relaying is enabled, and it allows multiple redirections
> trough protected or external networks, which shouldn't be allowed.

Is stuff like <nobody%example.comvictim.some.where> allowed through?

--
Brock Rozen                                              brozentorah.org
Director of Technical Services                              (410)358-9800
Project Genesis                                     http://www.torah.org/

Next message: Kurt Seifried: "Re: Remote Cisco Identification"
Previous message: Dave Pifke: "Another web-based mail reader hole"
In reply to: Michal Zalewski: "Re: Sendmail 8.8.x/8.9.x bugware"
Next in thread: Steve VanDevender: "Re: Sendmail 8.8.x/8.9.x bugware"