Bugtraq mailing list archives
Re: ISS Internet Scanner Cannot be relied upon for conclusive
From: blkadder () VALUE NET (blkadder () VALUE NET)
Date: Mon, 8 Feb 1999 09:55:03 -0800
On Mon, 8 Feb 1999, David LeBlanc wrote:
One of the ways to check for this particular bug is to us SNMP to pull down the sysDescr information, and parse it to look for versions that we know have problems. _If_ we can get the system description, it is an easy and reliable way to find vulnerable machines. However, if SNMP isn't running, or won't respond (even after trying to guess the community string), then this method won't work.
Another method to check for that particular bug is to actually attempt the exploit. And you are not doing that because.... ???
Current thread:
- Re: Cyrix bug: freeze in hell, badboy, (continued)
- Re: Cyrix bug: freeze in hell, badboy Phillip R. Jaenke (Feb 05)
- HP-UX 11.0/800 patches leave suid binaries Lamont Granquist (Feb 05)
- Re: HP-UX 11.0/800 patches leave suid binaries Olle Segerdahl,D (Feb 08)
- Re: Cyrix bug: freeze in hell, badboy Ragnar Hojland Espinosa (Feb 06)
- remote exploit on pine 4.10 - neverending story? Michal Zalewski (Feb 07)
- Re: remote exploit on pine 4.10 - neverending story? Thomas Roessler (Feb 08)
- Re: remote exploit on pine 4.10 - neverending story? John D. Hardin (Feb 08)
- Possible Security Problem: Fake PGP Key Ben Laurie (Feb 08)
- ISS Internet Scanner Cannot be relied upon for conclusive Audits Mr. joej (Feb 07)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 08)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive blkadder () VALUE NET (Feb 08)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive BVE (Feb 08)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Jim Trocki (Feb 11)
- How scanners actually work David LeBlanc (Feb 10)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 08)
- Sendmail 8.9.3 Patrick Oonk (Feb 09)