mailing list archives
Re: New Samba remote root vuln (CVE-2012-1182) script idea
From: Patrik Karlsson <patrik () cqure net>
Date: Sun, 22 Apr 2012 00:47:53 +0200
I just tested the script against Samba 3.5.8 on Ubuntu 11.10 and the
script fails to detect it as vulnerable.
The error returned by samr_getaliasmembership is "MSRPC call returned a
fault (packet type)".
Updating the server to "2:3.5.11~dfsg-1ubuntu2.2" returns the same
Any ideas on what's happening?
Aleksander was able to help me figure out what was wrong, by looking in to
It turns out that I had downgraded to a patched 3.5.8 version, therefore
the script was, correctly telling me my installation was not vulnerable.
Anyway, I'm sorry for the extra work Aleksander and great work with the
I committed the script and changes to msrpc.lua as r28500.
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/