mailing list archives
Re: New Samba remote root vuln (CVE-2012-1182) script idea
From: Patrik Karlsson <patrik () cqure net>
Date: Fri, 20 Apr 2012 16:40:37 +0200
On Fri, Apr 20, 2012 at 4:18 PM, Aleksandar Nikolic
<nikolic.alek () gmail com>wrote:
can you confirm that your installation is vulnerable?
I've just run all ZDI reproducers against a freshly installed ubuntu
(samba version 3.5.11)
and none of them triggered the bugs, so it looks like it's patched.
Could you, please, run the ZDI reproducers and check if they cause the
crash on your installation ?
I've ran the reproducers that Fyodor attached against Ubuntu 11.10, however
with a downgraded Samba (3.5.8).
I was expecting it to crash, but it didn't, so I'm not sure what's
happening. There are a few strange log entries though.
I'll send you the log off-list.
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/