Nmap Development mailing list archives
Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service
From: Richard Miles <richard.k.miles () googlemail com>
Date: Mon, 31 May 2010 13:52:31 +0000
2010/5/31 Dražen Popović <drazen.popovic () fer hr>:
On Mon, 2010-05-31 at 00:49 +0000, Richard Miles wrote:Interesting. But for the others that required a credential, this credential need to be a administrative credential? Or it can be a normal user?This service is used for managing the network configuration, so admin privs are required. I must try it to be sure...I'll get back to you.
I'm not telling it's useless, I just want to understand. IF you see this service, probable you are on a LAN, what is the goal of exploit a overflow that needs a admin priv if you can just use this priv to log on the machine? I'm not blaming, I just want to understand.
Nice. This vulnerability is newer then MS08-067?Well depends...if you're considering the MS designation this vuln is newer. But the origin of this vuln dates back to 2003 I think.
I mean, what patch by microsoft is newer, because if the newer is patched is probable that the older will be too, right?
Regards, Dražen. -- Laboratory for Systems and Signals Department of Electronic Systems and Information Processing Faculty of Electrical Engineering and Computing University of Zagreb
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Dražen Popović (May 28)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Richard Miles (May 28)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Dražen Popović (May 30)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Richard Miles (May 30)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Dražen Popović (May 31)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Richard Miles (May 31)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Dražen Popović (May 31)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Ron (May 31)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Richard Miles (Jun 01)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Dražen Popović (Jun 02)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service David Fifield (Jun 02)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Dražen Popović (May 30)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Richard Miles (May 28)
- Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service Ron (May 31)