VULHUB ™

Many sendmail daemons can be abused to get information about what accounts exist. By following basic RFC standart procedues - without VRFY and EXPN - we can still list the valid users using by another command as suggested in [RFC821]. Includes demonstration code smtp-cracker.c.

Many sendmail daemons can be abused to get information about what accounts exist. By following basic RFC standart procedues - without VRFY and EXPN - we can still list the valid users using by another command as suggested in [RFC821]. Includes demonstration code smtp-cracker.c.