On Thu, Jul 04, 2002 at 06:41:11PM +0200, Konrad Klein wrote:
> Hi everybody,
>
> I have the following problem. I installed a box with SuSE 7.2, updated all
> packages und then checked the security of the server with Nessus.
>
> The result of the scan is, that Nessus could crash sendmail, because of a HELO
> command with a long argument. Is there a way to prevent this, or is this a
> problem of the installed SuSE rpm sendmail-8.11.3-68.rpm ?

Exactly what happened? Did you confirm it crashed, or did it ust exit?
What is the domain name nessus used in the HELO command? I tried with
"aaaaa.." and all I got was "501 5.0.0 Invalid domain name".

Olaf

-- 
Olaf Kirch     |  Anyone who has had to work with X.509 has probably
okirsuse.de   |  experienced what can best be described as
---------------+  ISO water torture. -- Peter Gutmann
-- 
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]