Nmap Development mailing list archives
Re: Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Mon, 29 Mar 2010 22:54:31 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 30 Mar 2010 00:50:28 +0200 Patrik Karlsson <patrik () cqure net> wrote:
This is a great find Patrik, congrats on your release. I just gave our machines a scan here and as expected, we had 1635 machines with AFP running. Surprisingly though, only 291 were vulnerable. That seems like a huge discrepancy. There doesn't seem to be enough verbose script output to understand why the other ~1300 machines aren't vulnerable. Thoughts?
I was discovered the vulnerability on Snow Leopard and was not able to reproduce it on Leopard or older systems. Can these ~1300 machines fall into that category?
Yeah, most likely. If students were on campus this week it would have been (and I suppose will be soon) > 2000 vulnerable. You've gotta love getting pwnd via "../". I bet you were shaking your head back and forth so much that now you've got a legal case against Apple for a repetitive strain injury. Brandon -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (GNU/Linux) iEYEARECAAYFAkuxL60ACgkQqaGPzAsl94JH5wCfUPTlT9S8IuFIqANONPrQsF9D LIsAn2K1oHcs7a0sX6urjcVx/WrUM1+M =Q4ku -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533 Patrik Karlsson (Mar 29)
- Re: Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533 Ron (Mar 29)
- Re: Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533 Patrik Karlsson (Mar 29)
- Re: Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533 Ron (Mar 29)
- Re: Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533 Patrik Karlsson (Mar 29)
- Re: Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533 Ron (Mar 29)
- Re: Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533 Patrik Karlsson (Mar 29)
- Re: Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533 Ron (Mar 29)
- Re: Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533 Patrik Karlsson (Mar 29)
- Re: Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533 Brandon Enright (Mar 29)
- Re: Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533 Patrik Karlsson (Mar 29)