Re: [Exim] HELO overflow?

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Suresh Ramasubramanian
Dátum:  
Címzett: Michael Scott Shappe
CC: exim-users
Tárgy: Re: [Exim] HELO overflow?
On Mon, 26 Aug 2002, Michael Scott Shappe wrote:

> Nessus is telling me that exim-4.10 has a HELO overflow vunerability. I can
> find no other reference to this being a current, known problem. Is nessus on
> crack?


Nessus is generally on crack, when it comes to interpreting this sort of thing.

There are several other "security checker" programs around, the sort that say
"mailserver supports EHLO, disable it because it could lead to someone guessing
inappropriate details about your server configuration".

I recently had great pleasure discussing with a former colleague on just how to
tell a consultant who was insisting on this to FOAD ...

    -srs