poprelayd_auth.nasl

漏洞扫描源码,可以扫描linux,windows,交换机路由器

# This script was written by Michel Arboi <arboi@alussinan.org>
# GPL
#
# Script audit and contributions from Carmichael Security <http://www.carmichaelsecurity.com>
#      Erik Anderson <eanders@carmichaelsecurity.com>
#      Added BugtraqID and CVE
#
# References:
# Date:  Tue, 3 Jul 2001 19:05:10 +0200 (CEST)
# From: "Andrea Barisani" <lcars@infis.univ.trieste.it>
# To: bugtraq@securityfocus.com
# Subject: poprelayd and sendmail relay authentication problem (Cobalt Raq3)
#

if(description)
{
 script_id(11080);
 script_bugtraq_id(2986);
 script_version ("$Revision: 38 $");
 script_cve_id("CVE-2001-1075");
 name["english"] = "poprelayd & sendmail authentication problem";
 name["francais"] = "Probl鑝e d'authentification de poprelayd & sendmail";
 script_name(english:name["english"],
 	     francais:name["francais"]);
 
 desc["english"] = "
The remote SMTP server allows relaying for authenticated users. 
It is however possible to poison the logs; this means that spammers
would be able to use your server to send their e-mails to
the world, thus wasting your network bandwidth and getting you
blacklisted.

*** Some SMTP servers such as Postfix will display a false positive
*** here

Risk factor : Low

Solution : Disable poprelayd";


 script_description(english:desc["english"]);
		    
 
 summary["english"] = "Checks if the remote mail server can be used as a spam relay"; 
 summary["francais"] = "V閞ifie si le serveur de mail distant peut etre utilis