Nmap Development mailing list archives
Re: Nmap suggestion script.
From: Richard Miles <richard.k.miles () googlemail com>
Date: Fri, 5 Oct 2012 07:20:52 -0500
Hi Aleksandar Interesting, good point. And is your script "safe"? Or should it crash the boxes or disrupt in anyhow the actual code? Thanks. On Fri, Oct 5, 2012 at 1:59 AM, Aleksandar Nikolic <nikolic.alek () gmail com>wrote:
it's a different vuln, in a way. That part of the code was autogenerated, so there were like 10 vulns, all from the same error, so it's a single patch. My script checks for a different vuln than that exploit because it was easier to test for it. Presence of one implies the presence of other. On Thu, Oct 4, 2012 at 8:18 PM, Richard Miles <richard.k.miles () googlemail com> wrote:Thanks Aleksandar, very appreciated your clarification and your script. I guess this is a different vuln from the exploit released today at metasploit blog post, right? http://www.metasploit.com/modules/exploit/linux/samba/setinfopolicy_heap Thanks. On Fri, Sep 28, 2012 at 3:16 PM, Aleksandar Nikolic <nikolic.alek () gmail com>wrote:afaik, that is not a 0day, it's an exploit for one of the vulns patched back in april and I wrote a script for it back when it was published http://nmap.org/nsedoc/scripts/samba-vuln-cve-2012-1182.html note that there were several different vulns patched and assigned sameCVEas the vulns were in auto-generated piece of code. Aleksandar On 9/28/2012 7:04 PM, Richard Miles wrote:Hi Recently I saw this supposed 0day posted at FD, should be nice add a check for this bug at nmap similar to the smb security checks available for windows. http://downloads.securityfocus.com/vulnerabilities/exploits/52973.py thanks _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: Nmap suggestion script. Richard Miles (Oct 04)
- Re: Nmap suggestion script. Aleksandar Nikolic (Oct 04)
- Re: Nmap suggestion script. Richard Miles (Oct 05)
- Re: Nmap suggestion script. Aleksandar Nikolic (Oct 05)
- Re: Nmap suggestion script. Richard Miles (Oct 05)
- Re: Nmap suggestion script. Aleksandar Nikolic (Oct 04)