Re: Apache killer (was: [NSE] New script and email update patch)

[Fyodor <fyodor () insecure org>]

On Mon, Aug 29, 2011 at 11:43:54PM +0200, Henri Doreau wrote:
> Modified script checked in as r26238, thanks again!

Yes, thanks Duarte.  And thanks Henri!  Regarding categories:

> added "safe" and "default" to follow what seems to be the common
> scheme (like realvnc-auth-bypass or http-vmware-path-vuln).

Safe sounds fair.  As far as "default", I think our general approach
is not to put vuln detection scripts there.  People should probably
say so (e.g. with "--script vuln") if they want Nmap to do a vuln
scan.  Of our 27 "vuln" scripts, only four (including this one) are in
"default":

http-vmware-path-vuln.nse
http-vuln-cve2011-3192.nse
realvnc-auth-bypass.nse
wdb-version.nse

wdb-version is a version detection script, so I think that is OK in
default.  But it is probably best to remove the other three.  I'll
take care of that, but anyone is encouraged to speak up if you think
we should leave these in "default" or even put more of the "vuln"
scripts there.

Cheers,
Fyodor
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/