Penetration Testing mailing list archives
Re: MS99-027 - New IIS problem?
From: Tom Fischer <Tom.Fischer () rus uni-stuttgart de>
Date: Sat, 13 Jul 2002 18:46:33 +0200
Hi, On Mon, Jul 08, 2002 at 06:11:49AM -0000, Jason wrote:
I was recently doing a penetration test and noticed a problem with the SMTP component of their web server that allowed me to relay mail using an old SMTP encapsulation problem.
is this the same problem mentioned in the "Portcullis Security Advisory - IIS Microsoft SMTP Service Encapsulated SMTP Address Vulnerability"? (http://cert.uni-stuttgart.de/archive/bugtraq/2002/07/msg00129.html) -- Tom Fischer Tom.Fischer () rus uni-stuttgart de RUS-CERT University of Stuttgart Tel:+49 711 685-8076 / -5898 (fax) Allmandring 30, D-70550 Stuttgart http://cert.uni-stuttgart.de/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- MS99-027 - New IIS problem? Jason (Jul 08)
- Re: MS99-027 - New IIS problem? Tom Fischer (Jul 13)
- Re: MS99-027 - New IIS problem? Jason binger (Jul 15)
- <Possible follow-ups>
- RE: MS99-027 - New IIS problem? Lucas (Jul 11)
- Re: MS99-027 - New IIS problem? Tom Fischer (Jul 13)