Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 2259 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Current sendmail version?

Krysiunia
Does anyone know the current sendmail version on release 6.303?

Recently, I get frequent IPS Alerts for sid=2183( packet has *not* been dropped). 

SNORT says this event is generated when an attempt is made to exploit a known vulnerability in "Systems running open-source sendmail versions prior to 8.12.9, including UNIX and Linux systems".

Thanks.


This thread was automatically locked due to age.
Parents
  • 0
    Don't worry. 

    Someone just tries to find a vulnerable sendmail SMTP server but will never succeed on the ASG because EXIM is used...

    Nice to know but nothing more.

    HTH
  • 0 in reply to HoSe
    ASG ver 6.3 uses Exim ver 4.43 for its mail processing. This is not the newest version of Exim. The current version is 4.63. For more info on Exim, see the URL below:

    http://www.exim.org/
  • 0 in reply to VelvetFog
    Incidentally, I've found that I get a lot of confirmed false positives in the SMTP category.. a quick check of where the traffic came from often shows it came from a customer or vendor, legitimate traffic.. the sendmail rules seem to get triggered quite a bit.. I just disable those, as they are for sendmail, and I'm running Exim in front of Exchange.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Reply
  • 0 in reply to VelvetFog
    Incidentally, I've found that I get a lot of confirmed false positives in the SMTP category.. a quick check of where the traffic came from often shows it came from a customer or vendor, legitimate traffic.. the sendmail rules seem to get triggered quite a bit.. I just disable those, as they are for sendmail, and I'm running Exim in front of Exchange.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Children
No Data
Cookie Information Banner