Aleksandar's status report - #7 of 17

[Aleksandar Nikolic <nikolic.alek () gmail com>]

Hi all,

During the past week, I've finished and polished up a dns-nsec3-enum script
which has since been merged into trunk. It was a challenging task as I was
not familiar with DNSSEC, but was fun to do nevertheless.
Script it self is at:
https://svn.nmap.org/nmap/scripts/dns-nsec3-enum.nse


Apart from that, I made another addition to vuln category for a rather old
vulnerability in frontpage extensions for IIS. Real trick here was to actually
configure a vulnerable server to test it against.


Today I began working on next script in my queue.
It is a recent Symanted pcAnywhere pre-auth vulnerability scan script.
There is no public exploit available, but remote code execution is possible,
CVSS scrore of "HIGH" and the fact that it's preauth would make this
script interesting.

After that, next one in queue is tomcat login scan script.


Aleksandar
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/