mailing list archives
Collected responses to: Safe Scanning
From: Fyodor <fyodor () insecure org>
Date: Sun, 26 Mar 2000 16:02:31 -0800 (PST)
Here are some more replies in the nmap-crashing-machines thread. I
thought it would be better to collect them all and send as a group
rather than let them trickle in one by one (I have also cut out some
of the quoting):
From: amanda <amanda () wineasy se>
Using 'nmap -vO' against an HP-UX 9.04 machine running MC/ServiceGuard
(HP's so-called High-Availability Cluster :-) would crash the host
everytime a year ago. I think they fixed it in the July or September patch
bundle last year.
There might have been a buffer overrun that you could have exploited...
From: Donald McLachlan <don () mainframe dgrc crc ca>
Seems I've heard of some devices being brought done by nmap scans. If
memory serves they were HP printers, and PC's running non-Unix and
non-MS O/S's (sorry can't remember which O/S). It seemed nmap -O
was the culprit.
From: Christophe GRENIER <grenier () nef esiea fr>
I have knock down a Scorpion Marlin from Nautica with SNMP activated using
nmap UDP scan.
nmap -sU -p 161 pont-vesale freeze it.
From: The Unicorn <unicorn () blackhats org>
I guess you never came across any DGUX systems? I recently tested a big
LAN with a lot of these and they froze (inetd) when you threw -O to
them. Just have a look at the bugtraq archive where the blackhats
advisory on this is stored.
- Collected responses to: Safe Scanning Fyodor (Mar 27)