Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: NSE: mysql-vuln-cve2012-2122 - Authentication bypass in MySQL and MariaDB servers up to 5.1.61, 5.2.11, 5.3.5 and 5.5.22

From: David Fifield <david () bamsoftware com>
Date: Mon, 11 Jun 2012 13:16:47 -0700
On Mon, Jun 11, 2012 at 02:45:48AM -0600, Paulino Calderon wrote:

After testing from a remote connection I realized the iteration
counter needed to be way bigger. I also left additional debug
messages that were added when troubleshooting.


Let's commit this script as we've already had some positive reports.

What made you increase to 10000 tries? The chance of failing after 1000
is (255/256)**1000 ≈ 2%. Was that too high a failure rate or was it for
some other reason?

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: