Nmap Development mailing list archives
Re: Nmap suggestion script.
From: Aleksandar Nikolic <nikolic.alek () gmail com>
Date: Fri, 05 Oct 2012 16:34:36 +0200
It does crash the client process, but since for each client a new process is spawned it doesn't disrupt the service in any way, so it's a bit intrusive, but doesn't render the service unusable. On 10/5/2012 2:20 PM, Richard Miles wrote:
Hi Aleksandar Interesting, good point. And is your script "safe"? Or should it crash the boxes or disrupt in anyhow the actual code? Thanks. On Fri, Oct 5, 2012 at 1:59 AM, Aleksandar Nikolic <nikolic.alek () gmail com <mailto:nikolic.alek () gmail com>> wrote: it's a different vuln, in a way. That part of the code was autogenerated, so there were like 10 vulns, all from the same error, so it's a single patch. My script checks for a different vuln than that exploit because it was easier to test for it. Presence of one implies the presence of other. On Thu, Oct 4, 2012 at 8:18 PM, Richard Miles <richard.k.miles () googlemail com <mailto:richard.k.miles () googlemail com>> wrote: > Thanks Aleksandar, very appreciated your clarification and your script. > > I guess this is a different vuln from the exploit released today at > metasploit blog post, right? > > http://www.metasploit.com/modules/exploit/linux/samba/setinfopolicy_heap > > Thanks. > > > On Fri, Sep 28, 2012 at 3:16 PM, Aleksandar Nikolic <nikolic.alek () gmail com <mailto:nikolic.alek () gmail com>> > wrote: >> >> afaik, that is not a 0day, it's an exploit for one of the vulns patched >> back in april >> and I wrote a script for it back when it was published >> http://nmap.org/nsedoc/scripts/samba-vuln-cve-2012-1182.html >> note that there were several different vulns patched and assigned same CVE >> as the vulns were in auto-generated piece of code. >> >> Aleksandar >> >> On 9/28/2012 7:04 PM, Richard Miles wrote: >> > Hi >> > >> > Recently I saw this supposed 0day posted at FD, should be nice add a >> > check >> > for this bug at nmap similar to the smb security checks available for >> > windows. >> > >> > http://downloads.securityfocus.com/vulnerabilities/exploits/52973.py >> > >> > thanks >> > _______________________________________________ >> > Sent through the nmap-dev mailing list >> > http://cgi.insecure.org/mailman/listinfo/nmap-dev >> > Archived at http://seclists.org/nmap-dev/ >> >> _______________________________________________ >> Sent through the nmap-dev mailing list >> http://cgi.insecure.org/mailman/listinfo/nmap-dev >> Archived at http://seclists.org/nmap-dev/ > >
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: Nmap suggestion script. Richard Miles (Oct 04)
- Re: Nmap suggestion script. Aleksandar Nikolic (Oct 04)
- Re: Nmap suggestion script. Richard Miles (Oct 05)
- Re: Nmap suggestion script. Aleksandar Nikolic (Oct 05)
- Re: Nmap suggestion script. Richard Miles (Oct 05)
- Re: Nmap suggestion script. Aleksandar Nikolic (Oct 04)