Nmap Development mailing list archives
nmap potentially vulnerable to Windows DLL Hijacking
From: Nikhil Mittal <nikhil_uitrgpv () yahoo co in>
Date: Wed, 1 Sep 2010 00:40:13 +0530 (IST)
Hi, I was just checking nmap 5.21 for Windows DLL hijacking and it seems that nmap is searching for airpcap.dll in "insufficient qualified path". If I force nmap to open a file from a network share it do try to load dll from that share, it means it is vulnerable? correct me if wrong. I am unable to exploit the vulnerability because while accessing airpcap.dll from network share I can see FAST IO Disallowed in procmon. I have no idea that whether this is something deliberately done for some reason for nmap. To sum up: It seems that nmap latest is vulnerable to Windows DLL Hijacking flaw. Regards, Nikhil Mittal _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- nmap potentially vulnerable to Windows DLL Hijacking Nikhil Mittal (Aug 31)
- Re: nmap potentially vulnerable to Windows DLL Hijacking Rob Nicholls (Aug 31)
- Re: nmap potentially vulnerable to Windows DLL Hijacking David Fifield (Sep 03)
- Message not available
- Re: nmap potentially vulnerable to Windows DLL Hijacking David Fifield (Sep 04)
- Re: nmap potentially vulnerable to Windows DLL Hijacking David Fifield (Sep 03)
- Re: nmap potentially vulnerable to Windows DLL Hijacking Rob Nicholls (Aug 31)
- <Possible follow-ups>
- Re: nmap potentially vulnerable to Windows DLL Hijacking Nikhil Mittal (Sep 05)