Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: New Samba remote root vuln (CVE-2012-1182) script idea
From: Paulino Calderon <paulino () calderonpale com>
Date: Fri, 13 Apr 2012 17:21:44 -0600

Hi list,
Here is the other set of reproducers I managed to download.
The detection method proposed by Aleksandar sounds correct, if the instance is vulnerable, the active connection dies. Otherwise, the response varies according to the version but the connection is not closed.

Cheers.

On 04/13/2012 02:28 PM, Fyodor wrote:
On Wed, Apr 11, 2012 at 12:02:48AM -0700, Fyodor wrote:
Announcement:
    https://www.samba.org/samba/security/CVE-2012-1182
Bugzilla entry, with proof of concept code:
    https://bugzilla.samba.org/show_bug.cgi?id=8815
It looks like they decided to remove the "reproducers" for some
reason.  So in case it helps anyone who is working on an NSE script,
here is the reproducer I downloaded on the 11th:

http://nmap.org/tmp/c/cve-2012-1182/

There used to be several more reproducers, but I didn't download those
while they were there.

Cheers,
Fyodor
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Attachment: reproducers0.zdi.tar.bz2
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault