Nmap Development mailing list archives

Re: Nmap suggestion script.


From: Aleksandar Nikolic <nikolic.alek () gmail com>
Date: Fri, 05 Oct 2012 16:34:36 +0200

It does crash the client process, but since for each client a new process
is spawned it doesn't disrupt the service in any way, so it's a bit
intrusive, but doesn't render the service unusable.


On 10/5/2012 2:20 PM, Richard Miles wrote:
Hi Aleksandar

Interesting, good point. And is your script "safe"? Or should it crash
the boxes or disrupt in anyhow the actual code?

Thanks.

On Fri, Oct 5, 2012 at 1:59 AM, Aleksandar Nikolic
<nikolic.alek () gmail com> wrote:

    it's a different vuln, in a way.
    That part of the code was autogenerated, so there were like 10
    vulns, all from the same error, so it's a single patch.
    My script checks for a different vuln than that exploit because it was
    easier to test for it. Presence of one implies the presence of other.

    On Thu, Oct 4, 2012 at 8:18 PM, Richard Miles
    <richard.k.miles () googlemail com> wrote:
    > Thanks Aleksandar, very appreciated your clarification and your script.
    >
    > I guess this is a different vuln from the exploit released today at
    > metasploit blog post, right?
    >
    > http://www.metasploit.com/modules/exploit/linux/samba/setinfopolicy_heap
    >
    > Thanks.
    >
    >
    > On Fri, Sep 28, 2012 at 3:16 PM, Aleksandar Nikolic <nikolic.alek () gmail com>
    > wrote:
    >>
    >> afaik, that is not a 0day, it's an exploit for one of the vulns patched
    >> back in april
    >> and I wrote a script for it back when it was published
    >> http://nmap.org/nsedoc/scripts/samba-vuln-cve-2012-1182.html
    >> note that there were several different vulns patched and assigned same CVE
    >> as the vulns were in auto-generated piece of code.
    >>
    >> Aleksandar
    >>
    >> On 9/28/2012 7:04 PM, Richard Miles wrote:
    >> > Hi
    >> >
    >> > Recently I saw this supposed 0day posted at FD, should be nice add a check
    >> > for this bug at nmap similar to the smb security checks available for
    >> > windows.
    >> >
    >> >
    >> > http://downloads.securityfocus.com/vulnerabilities/exploits/52973.py
    >> >
    >> > thanks
    >> > _______________________________________________
    >> > Sent through the nmap-dev mailing list
    >> > http://cgi.insecure.org/mailman/listinfo/nmap-dev
    >> > Archived at http://seclists.org/nmap-dev/
    >>
    >
    >


