Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] Check for CVE-2011-1720 - Postfix SMTP Cyrus SASL memory corruption
From: Fyodor <fyodor () insecure org>
Date: Sun, 19 Jun 2011 13:06:51 -0700

On Thu, Jun 16, 2011 at 04:31:12PM -0500, Ron wrote:
On Mon, 16 May 2011 19:17:41 -0700 Fyodor <fyodor () insecure org> wrote:

While reading this thread, I was thinking the exact same thing. I
don't remember why I ever put them in a single file, but I think we
should split them out (and maybe deprecate smb-check-vulns by
printing an error message if somebody tries to run it, telling them
to run x, y, and z.

That sounds promising.  Combining similar things into a single script
can be desirable, but I agree that smb-check-vulns maybe takes this
consolidation too far.  If split up, you might be able to keep
smb-check-vulns for the vuln-check-specific actions.  Or maybe it
would be better to just deprecate smb-check-vulns as you say and just
name all the offspring scripts separately.

In terms of deciding whether to combine scripts or not, I suppose
desirability from an end-user UI perspective should trump convenience
and ease of implementation for us as script writers.  After all, we
already have numerous techniques (libraries, etc.) for sharing code
between scripts, so we should be able to achieve both good UI and
elegant and maintainable implementations.

Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]