From: Michael Scheidell (scheidell@secnap.net)
Date: Tue Jun 12 2007 - 18:42:50 EDT
> -----Original Message-----
> From: listbounce@securityfocus.com
> [mailto:listbounce@securityfocus.com] On Behalf Of Harold Castro
> Sent: Monday, June 11, 2007 4:56 AM
> To: pen-test@securityfocus.com
> Subject: Pentesting Old unsupported Firewall Appliances
>
>
> Hi,
>
> I'm new in pen testing.
> Recently, I came across this firewall appliance
> running Apache/1.3.26
> (Unix) mod_dtcl mod_ssl/2.8.10 OpenSSL/0.9.7 during an
> external pentest.
>
'came across'?
If this client has paid you to pen test this device, just look up the
hacks, download the scripts, exploit the hole, leave a file, gif or
create a subdirectory on the device to show user it is vulnerable.
Let user replace or update it, depending on budget and/or support level.
-- Michael Scheidell, CTO SECNAP Network Security Corporation _________________________________________________________________________ This email has been scanned and certified safe by SpammerTrap(tm). For Information please see http://www.spammertrap.com _________________________________________________________________________ ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:52 EDT