Nmap Development mailing list archives

Re: http-barracuda-dir-traversal.nse

From: Gutek <ange.gutek () gmail com>
Date: Wed, 08 Jun 2011 18:01:48 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Le 08/06/2011 06:00, Brendan Coles a écrit :
There's tonnes of information available in the

Barracuda config files, including plaintext passwords for all mail accounts.
The configuration files often contain hundreds (if not thousands) of user
accounts so I've left this information out for now.


(script not tested yet)
So, maybe it would be useful to report if such accounts are present, and
how many ? that way the nmap user would be aware of this critical info
and could investigate further.

Thanks for this script,

A.G.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/

iEUEARECAAYFAk3vnOwACgkQ3aDTTO0ha7ivDgCfX2ej9Ux/IKZF8aMRB9AT8RYp
HAMAljTDsfhww+AiXnJ3XcxBRKsDlOI=
=jnfg
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

http-barracuda-dir-traversal.nse Brendan Coles (Jun 07)
- Re: http-barracuda-dir-traversal.nse Gutek (Jun 08)
  - Re: http-barracuda-dir-traversal.nse Michael Lubinski (Jun 08)
    - Re: http-barracuda-dir-traversal.nse Toni Ruottu (Jun 09)
    - Re: http-barracuda-dir-traversal.nse Patrik Karlsson (Jun 09)
    - Re: http-barracuda-dir-traversal.nse Brendan Coles (Jun 09)
    - Re: http-barracuda-dir-traversal.nse David Fifield (Jun 14)
    - Re: http-barracuda-dir-traversal.nse Brendan Coles (Jun 14)
    - Re: http-barracuda-dir-traversal.nse Paulino Calderon (Jun 28)
    - Re: http-barracuda-dir-traversal.nse Fyodor (Jun 14)
    - Re: http-barracuda-dir-traversal.nse Patrik Karlsson (Jun 19)
    - Re: http-barracuda-dir-traversal.nse Toni Ruottu (Jun 19)

(Thread continues...)