|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: Cisco PIX Firewall (smtp content filtering hack) - Version 4.2(1) not exploitable
From: Leandro Dardini (ldardini
USL4.TOSCANA.IT)Date: Wed Sep 20 2000 - 02:49:03 CDT
- Next message: Jeffrey W. Baker: "Re: Cisco PIX Firewall (smtp content filtering hack)"
- Previous message: http-equivexcite.com: "Fwd: Re: Double clicking on MS Office documents from Windows Explorer mayexecute arbitrary programs in some cases"
- In reply to: naif: "Cisco PIX Firewall (smtp content filtering hack)"
- Next in thread: Fabio Pietrosanti (naif): "Re: Cisco PIX Firewall (smtp content filtering hack) - Version 4.2(1) not exploitable"
- Reply: Leandro Dardini: "Re: Cisco PIX Firewall (smtp content filtering hack) - Version 4.2(1) not exploitable"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I test my (old) pix box running 4.2(1) and it is not exploitable.
When I try to not complete my smtp session, issuing a "data" command before
rcpt, I receive a
503 Need RCPT (recipient)
message.
I test other permutation of helo, mail, rcpt, data command but all fails.
Leandro
----- Original Message -----
From: naif <naifINET.IT>
To: <BUGTRAQSECURITYFOCUS.COM>
Sent: Tuesday, September 19, 2000 6:27 PM
Subject: Cisco PIX Firewall (smtp content filtering hack)
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> How to escape "fixup smtp" of Cisco Pix Firewall:
>
> The Cisco Pix Firewall normally restrict some protocol
command(http,ftp,smtp) and manage
> multisession protocol(h323, ftp,sqlnet) .
> I made some test on a BSDI3.0 running sendmail9 placed in the dmz .
> The Pix version it's the latest, 5.2(1)... here the output of "show ver"
> =====================================================
> Cisco Secure PIX Firewall Version 5.2(1)
>
- Next message: Jeffrey W. Baker: "Re: Cisco PIX Firewall (smtp content filtering hack)"
- Previous message: http-equivexcite.com: "Fwd: Re: Double clicking on MS Office documents from Windows Explorer mayexecute arbitrary programs in some cases"
- In reply to: naif: "Cisco PIX Firewall (smtp content filtering hack)"
- Next in thread: Fabio Pietrosanti (naif): "Re: Cisco PIX Firewall (smtp content filtering hack) - Version 4.2(1) not exploitable"
- Reply: Leandro Dardini: "Re: Cisco PIX Firewall (smtp content filtering hack) - Version 4.2(1) not exploitable"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]