Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: http-barracuda-dir-traversal.nse
From: Gutek <ange.gutek () gmail com>
Date: Wed, 08 Jun 2011 18:01:48 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Le 08/06/2011 06:00, Brendan Coles a écrit :
There's tonnes of information available in the
Barracuda config files, including plaintext passwords for all mail accounts.
The configuration files often contain hundreds (if not thousands) of user
accounts so I've left this information out for now.

(script not tested yet)
So, maybe it would be useful to report if such accounts are present, and
how many ? that way the nmap user would be aware of this critical info
and could investigate further.

Thanks for this script,

A.G.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/

iEUEARECAAYFAk3vnOwACgkQ3aDTTO0ha7ivDgCfX2ej9Ux/IKZF8aMRB9AT8RYp
HAMAljTDsfhww+AiXnJ3XcxBRKsDlOI=
=jnfg
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]