Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: New Samba remote root vuln (CVE-2012-1182) script idea
From: Patrik Karlsson <patrik () cqure net>
Date: Sun, 22 Apr 2012 00:47:53 +0200

Hi Aleksandar,


I just tested the script against Samba 3.5.8 on Ubuntu 11.10 and the
script fails to detect it as vulnerable.
The error returned by samr_getaliasmembership is "MSRPC call returned a
fault (packet type)".
Updating the server to  "2:3.5.11~dfsg-1ubuntu2.2" returns the same
message.
Any ideas on what's happening?

//Patrik

--
Patrik Karlsson
http://www.cqure.net
http://twitter.com/nevdull77



Aleksander was able to help me figure out what was wrong, by looking in to
this.
It turns out that I had downgraded to a patched 3.5.8 version, therefore
the script was, correctly telling me my installation was not vulnerable.
Anyway, I'm sorry for the extra work Aleksander and great work with the
script!

I committed the script and changes to msrpc.lua as r28500.

Thanks,
Patrik
-- 
Patrik Karlsson
http://www.cqure.net
http://twitter.com/nevdull77
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault