- the sendmail version allows a remote buffer overflow
http://cve.mitre.org/cgi-bin/cvename.cg ... -2002-1337
- Not that it matters, but the EXPN and VRFY commands are allowed on the mail server too
- RSH service is enabled, which allow TCP spoofing attacks
- TFTP allows unrestricted download of any file on the server
Not that this matter, because I hope all of us put the PBX on a separate VLAN so none can get into our stuff.. But if this is used in a hospital, or some kind of governmental agency, it sucks !
