Nmap Development mailing list archives
Re: New Samba remote root vuln (CVE-2012-1182) script idea
From: Aleksandar Nikolic <nikolic.alek () gmail com>
Date: Fri, 20 Apr 2012 16:18:06 +0200
Hi , can you confirm that your installation is vulnerable? I've just run all ZDI reproducers against a freshly installed ubuntu (samba version 3.5.11) and none of them triggered the bugs, so it looks like it's patched. Could you, please, run the ZDI reproducers and check if they cause the crash on your installation ? Regards, Aleksandar On Fri, Apr 20, 2012 at 2:13 PM, Patrik Karlsson <patrik () cqure net> wrote:
On Fri, Apr 20, 2012 at 2:04 PM, Aleksandar Nikolic < nikolic.alek () gmail com> wrote:Hi, could you check the logs and see if the script actually crashed the machine? Log should be called log.nmap , and should mention invalid free and crash as opposed to simple error. I'll set up a test and check myself. Regards, AleksandarNo, doesn't look that way. This is what I'm seeing: [2012/04/20 14:12:40.720710, 1] ../librpc/ndr/ndr.c:395(ndr_pull_error) ndr_pull_error(13): value out of range [2012/04/20 14:12:40.720788, 0] rpc_server/srv_pipe.c:2439(api_rpcTNP) api_rpcTNP: \samr: SAMR_GETALIASMEMBERSHIP failed. //Patrik -- Patrik Karlsson http://www.cqure.net http://twitter.com/nevdull77
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New Samba remote root vuln (CVE-2012-1182) script idea Fyodor (Apr 11)
- Re: New Samba remote root vuln (CVE-2012-1182) script idea Aleksandar Nikolic (Apr 11)
- Re: New Samba remote root vuln (CVE-2012-1182) script idea Fyodor (Apr 13)
- Re: New Samba remote root vuln (CVE-2012-1182) script idea Paulino Calderon (Apr 14)
- Re: New Samba remote root vuln (CVE-2012-1182) script idea Aleksandar Nikolic (Apr 17)
- Re: New Samba remote root vuln (CVE-2012-1182) script idea Patrik Karlsson (Apr 20)
- Re: New Samba remote root vuln (CVE-2012-1182) script idea Aleksandar Nikolic (Apr 20)
- Re: New Samba remote root vuln (CVE-2012-1182) script idea Patrik Karlsson (Apr 20)
- Re: New Samba remote root vuln (CVE-2012-1182) script idea Aleksandar Nikolic (Apr 20)
- Re: New Samba remote root vuln (CVE-2012-1182) script idea Patrik Karlsson (Apr 20)
- Re: New Samba remote root vuln (CVE-2012-1182) script idea Paulino Calderon (Apr 14)
- Re: New Samba remote root vuln (CVE-2012-1182) script idea Patrik Karlsson (Apr 21)
- Re: New Samba remote root vuln (CVE-2012-1182) script idea Aleksandar Nikolic (Apr 22)