Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Fixes to smb-brute.nse

From: Ron <ron () skullsecurity net>
Date: Mon, 25 Jan 2010 13:59:12 -0600


On 01/25/2010 01:55 PM, David Fifield wrote:

On Sat, Jan 23, 2010 at 10:35:47AM -0600, Ron wrote:

A couple people reported a bug to me in smb-brute.nse. In recent
versions, it doesn't detect account lockouts properly and locks out
every account (if lockouts are enabled). That was a stupid mistake on my
part, I was checking a return condition incorrectly.

I fixed this in r16350, which I suggest should be copied to 5.21 -- it's
a bug that can be harmful in certain cases.


Do you mean r16537? That's already merged to the 5.21 branch.

r16537 | ron | 2010-01-21 20:25:22 -0700 (Thu, 21 Jan 2010) | 1 line
Fixed a bug in smb-brute that wouldn't detect properly if an account
became locked out, and would proceed to lock out every account. It was a
totally braindead mistake on my part, I don't know how I did it, but I
got a condition backwards. It's fixed now, though\!

David Fifield


Oops, yes, that's the one.
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: