[Snort-users] Question on 663

rmkml rmkml at ...953...
Thu Apr 9 11:38:31 EDT 2009


Hi,
maybe look:
  http://www.securityfocus.com/bid/1/exploit
Regards
Rmkml
Crusoe-Researches.com


On Thu, 9 Apr 2009, Jack Pepper wrote:

> This rule looks for "RCPT TO: ;"
>
> The reference to cve,1999-0095 regards sendmail having the "debug"
> command enabled. Ditto for the bugtraq,1 reference.  And arachnids has
> been dead for at least 5 years.
>
> Anybody know why this rule exists?  What is the exploitation of RCPT TO ?
>
> jp
>
>
>
>
>
> -- 
>
> Framework?  I don't need no stinking framework!
>
> ----------------------------------------------------------------
> @fferent Security Labs:  Isolate/Insulate/Innovate
> http://www.afferentsecurity.com
>
>
> ------------------------------------------------------------------------------
> This SF.net email is sponsored by:
> High Quality Requirements in a Collaborative Environment.
> Download a free trial of Rational Requirements Composer Now!
> http://p.sf.net/sfu/www-ibm-com
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>




More information about the Snort-users mailing list