Nmap Development mailing list archives
Re: [NSE] Exploit for CVE-2010-4344 and CVE-2010-4345 - Exim SMTP server
From: Henri Doreau <henri.doreau () greenbone net>
Date: Thu, 23 Jun 2011 07:43:04 +0200
2011/6/23 Djalal Harouni <tixxdz () opendz org>:
The script was tested against Ubuntu and Debian. x86 architectures were exploited successfully. On x86_64 the smtpd child will be killed, but the script can detect this and report it.
I think that this behavior we observed on a x86_64 system is actually due to anti-exploitation mechanisms instead of the CPU architecture. To be confirmed though. But as you said, this doesn't prevent the script from detecting the vulnerability. Regards. -- Henri Doreau | Greenbone Networks GmbH | http://www.greenbone.net Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] Exploit for CVE-2010-4344 and CVE-2010-4345 - Exim SMTP server Djalal Harouni (Jun 22)
- Re: [NSE] Exploit for CVE-2010-4344 and CVE-2010-4345 - Exim SMTP server Henri Doreau (Jun 22)
- Re: [NSE] Exploit for CVE-2010-4344 and CVE-2010-4345 - Exim SMTP server Djalal Harouni (Jun 23)
- Re: [NSE] Exploit for CVE-2010-4344 and CVE-2010-4345 - Exim SMTP server Djalal Harouni (Jun 24)
- Re: [NSE] Exploit for CVE-2010-4344 and CVE-2010-4345 - Exim SMTP server Djalal Harouni (Jun 23)
- Re: [NSE] Exploit for CVE-2010-4344 and CVE-2010-4345 - Exim SMTP server Henri Doreau (Jun 22)