Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [NSE] Check for CVE-2011-1720 - Postfix SMTP Cyrus SASL memory corruption

From: Ron <ron () skullsecurity net>
Date: Thu, 16 Jun 2011 16:31:12 -0500
On Mon, 16 May 2011 19:17:41 -0700 Fyodor <fyodor () insecure org> wrote:

Admittedly your script follows the pattern of the well-loved
smb-check-vulns script.  But that one does at least check for multiple
vulnerabilities.  And, frankly, it might make more sense for that one
to be split up too.  It is a strange mix of checking for several
vulnerabilities, checking for the Conficker malware, exploiting a DoS
bug, and exploiting an SMBv2 vulnerability.

While reading this thread, I was thinking the exact same thing. I don't remember why I ever put them in a single file, 
but I think we should split them out (and maybe deprecate smb-check-vulns by printing an error message if somebody 
tries to run it, telling them to run x, y, and z. 

Ron
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: