Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: New Samba remote root vuln (CVE-2012-1182) script idea

From: Paulino Calderon <paulino () calderonpale com>
Date: Fri, 13 Apr 2012 17:21:44 -0600
Hi list,
Here is the other set of reproducers I managed to download.
The detection method proposed by Aleksandar sounds correct, if the instance is vulnerable, the active connection dies. Otherwise, the response varies according to the version but the connection is not closed. 

Cheers.

On 04/13/2012 02:28 PM, Fyodor wrote:

On Wed, Apr 11, 2012 at 12:02:48AM -0700, Fyodor wrote:

Announcement:
    https://www.samba.org/samba/security/CVE-2012-1182
Bugzilla entry, with proof of concept code:
    https://bugzilla.samba.org/show_bug.cgi?id=8815

It looks like they decided to remove the "reproducers" for some
reason.  So in case it helps anyone who is working on an NSE script,
here is the reproducer I downloaded on the 11th:

http://nmap.org/tmp/c/cve-2012-1182/

There used to be several more reproducers, but I didn't download those
while they were there.

Cheers,
Fyodor
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Attachment: reproducers0.zdi.tar.bz2
Description: 

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: