Nmap Development mailing list archives

Re: NSE script for CVE-2005-0116

From: Mariusz Ziulek <mzet () owasp org>
Date: Sat, 11 Oct 2014 17:17:03 +0200

Hi guys,

I'm sending improved version of the script:

1) I've done code cleanup and added more meaningful debug messages

2) I'm using 'vulns' library now

3) I've done additinal testing to make sure that script works well - it
does.

I know that it's quite ancient vulnerability but I still think that it's
worth to have this script in Nmap. Script is tested and ready for
submission.

Regards,
Mariusz 

--
http://z-labs.eu
https://github.com/mzet-/libxploit

On Mon, Sep 29, 2014 at 11:53:20PM +0200, Mariusz Ziulek wrote:

Hi,

I've created NSE script for CVE-2005-0116 vulnerability in AWStats
(awstats.sourceforge.net). Script is based on Metasploit's module:
http://www.rapid7.com/db/modules/exploit/unix/webapp/awstats_configdir_exec.

I've tested it against local installation of vulnerable awstats (version
6.2). 

All feedback is welcomed, but be aware that's my first NSE script :)

Regards,
Mariusz

--
http://z-labs.eu
https://github.com/mzet-/libxploit

Attachment: http-awstats-configdir.nse
Description:

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Re: NSE script for CVE-2005-0116 Mariusz Ziulek (Oct 11)