Re: Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533

[Brandon Enright <bmenrigh () ucsd edu>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 30 Mar 2010 00:50:28 +0200
Patrik Karlsson <patrik () cqure net> wrote:

> > This is a great find Patrik, congrats on your release.  I just gave
> > our machines a scan here and as expected, we had 1635 machines with
> > AFP running.  Surprisingly though, only 291 were vulnerable.  That
> > seems like a huge discrepancy.  There doesn't seem to be enough
> > verbose script output to understand why the other ~1300 machines
> > aren't vulnerable.  Thoughts?

> I was discovered the vulnerability on Snow Leopard and was not able
> to reproduce it on Leopard or older systems. Can these ~1300 machines
> fall into that category?

Yeah, most likely.  If students were on campus this week it would have
been (and I suppose will be soon) > 2000 vulnerable.

You've gotta love getting pwnd via "../".  I bet you were shaking your
head back and forth so much that now you've got a legal case against
Apple for a repetitive strain injury.

Brandon

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)

iEYEARECAAYFAkuxL60ACgkQqaGPzAsl94JH5wCfUPTlT9S8IuFIqANONPrQsF9D
LIsAn2K1oHcs7a0sX6urjcVx/WrUM1+M
=Q4ku
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/