Nmap Development mailing list archives

Re: [NSE] jboss-vuln-cve2010-0738.nse

From: Patrik Karlsson <patrik () cqure net>
Date: Tue, 19 Jun 2012 22:34:18 +0200


What needs to change in http-method-tamper in order for it to be able to
detect this vulnerability. It seems to me that it already does, with no
changes? It uses the same /jmx-console path as this exploit script. So
is the only thing different about this new script, the addition of
exploit code?

David Fifield


It does detect the vulnerability for the jmx-console path and supports
changing path with an argument.
What I'm suggesting is to make it more general, as the vulnerability could
be present in other java app servers under different paths, as I believe
this could be the result of unfortunate configuration. So adding spidering
functionality to that script would allow it to be used for more generic use
and this new script would replace this particular check + add exploit
capabilities.

//Patrik
-- 
Patrik Karlsson
http://www.cqure.net
http://twitter.com/nevdull77
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

[NSE] jboss-vuln-cve2010-0738.nse Tiago Natel de Moura (Jun 15)
- Re: [NSE] jboss-vuln-cve2010-0738.nse Patrik Karlsson (Jun 16)
  - Re: [NSE] jboss-vuln-cve2010-0738.nse Tiago Natel de Moura (Jun 16)
    - Re: [NSE] jboss-vuln-cve2010-0738.nse Patrik Karlsson (Jun 16)
    - Re: [NSE] jboss-vuln-cve2010-0738.nse Patrik Karlsson (Jun 17)
  - Re: [NSE] jboss-vuln-cve2010-0738.nse David Fifield (Jun 19)
    - Re: [NSE] jboss-vuln-cve2010-0738.nse Patrik Karlsson (Jun 19)
    - Re: [NSE] jboss-vuln-cve2010-0738.nse David Fifield (Jun 19)
    - Re: [NSE] jboss-vuln-cve2010-0738.nse Patrik Karlsson (Jun 19)