Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [NSE] http-cve-2009-3960 (Adobe XML External Entity Injection)

From: Hani Benhabiles <kroosec () gmail com>
Date: Mon, 2 Jan 2012 20:59:42 +0100
I believe not, as different paths are used by different products. If two
vulnerabilities are detected we will end up outputting the same file twice
(not that bad imo) but have two different attack vectors.

On Mon, Jan 2, 2012 at 8:50 PM, Patrik Karlsson <patrik () cqure net> wrote:




On Mon, Jan 2, 2012 at 5:55 PM, Hani Benhabiles <kroosec () gmail com> wrote:


Yeah, sorry!



Thanks and great work! It's committed as r27765.
One last question: Wouldn't it make more sense to break the loop, once the
vulnerability has been detected?

Cheers,
Patrik
--
Patrik Karlsson
http://www.cqure.net
http://twitter.com/nevdull77






-- 
M. Hani Benhabiles
OWASP Algeria SC founder and president.
Blog: http://kroosec.blogspot.com
Twitter: kroosec <https://twitter.com/#%21/kroosec>
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: