Vulnerability Development mailing list archives
Re: Remote exploitation of network scanners?
From: Fyodor <fyodor () INSECURE ORG>
Date: Fri, 25 Aug 2000 16:53:16 -0700
On Fri, 25 Aug 2000, Adam Prato wrote:
> I believe both the l0pht, nmap, and bass that was supposedly built to do some massive whole-internet-biopsy type of scan for vulnerabilities have all had some sort of remote attack.
No. Nobody has ever demonstrated a remote exploit against Nmap. And local attacks aren't an issue because Nmap should never be run with privileges (e.g. suid root). Sure, a malicious target could slow Nmap down a bit by trickling responses back slowly, but I don't think you'll be able to cause Nmap to do something nasty like execute arbitrary code or clobber files.

But don't get too complacent. I ship the source code with Nmap for a reason -- so that paranoid (smart!) users can determine what it does and even do a security audit if desired. You can grab the latest source from http://www.insecure.org/nmap/ . If you do manage to find anything, let me know. I'll write an advisory & give you prominent credit or (your choice) I'll just give you a URL for the patch so you can write and issue your own advisory.

Cheers,
Fyodor

--
Fyodor 'finger pgp () pgp insecure org | pgp -fka'
Frustrated by firewalls? Try nmap: http://www.insecure.org/nmap/
"The percentage of users running Windows NT Workstation 4.0 whose PCs stopped working more than once a month was less than half that of Windows 95 users." -- microsoft.com/ntworkstation/overview/Reliability/Highest.asp