• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Metainfo MetaIP and Sendmail Vulnerabilities

Identifying a victim:
For sendmail, telneting to port 25 will yield a banner stating 'Sendmail
2.0/
2.5 (Build xxxx)', which lets you know they're running MetaInfo Sendmail
(v2.5 includes MetaInfo's name in the banner).
For MetaIP, if remote administration is enabled, telneting to port 2040
(default) will give you a prompt to the effect of 'V3.1'.

Of course, the default Java config port of 2040, and the web UI ports
of 5000 and 5001 are user-definable; so it is possible to have these
services
running and not on these particular ports. A thorough port scan would
resolve that issue.