Nmap Development mailing list archives
Re: [NSE] Check for CVE-2010-4221 - ProFTPD Server stack overflow
From: Djalal Harouni <tixxdz () opendz org>
Date: Thu, 30 Jun 2011 19:44:19 +0100
On Thu, Jun 30, 2011 at 08:21:42PM +0200, Henri Doreau wrote:
> 2011/6/30 Djalal Harouni <tixxdz () opendz org>:
> > After more tests I'll commit it tomorrow, thanks.
>
> Thanks Djalal, I have successfully tested the script against the
> following systems:
> - ProFTPD 1.3.2rc4 on Linux x86_64 (vulnerable)
> - ProFTPD 1.3.3b on FreeBSD x86_64 (vulnerable)
>
> As well as this one:
> - ProFTPD 1.3.4rc2 (devel) on Linux x86_64 (not vulnerable)

Ok, that evil packet gives us a good result :)

> For this last case the script doesn't generate a false positive but I
> get: "ftp-vuln-cve2010-4221: this is not ProFTPD server." despite -sV
> correctly detecting ProFTPD. Maybe this script could offer an option to
> force the more intrusive checks and/or use port.version.product if
> available.

I'll use that info if available otherwise we'll just force the check by
default (even if we miss the version match).

Thanks Henri for testing, I'll commit the script this night.

--
tixxdz
http://opendz.org