Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: NSE: mysql-vuln-cve2012-2122 - Authentication bypass in MySQL and MariaDB servers up to 5.1.61, 5.2.11, 5.3.5 and 5.5.22
From: David Fifield <david () bamsoftware com>
Date: Mon, 11 Jun 2012 13:16:47 -0700

On Mon, Jun 11, 2012 at 02:45:48AM -0600, Paulino Calderon wrote:
After testing from a remote connection I realized the iteration
counter needed to be way bigger. I also left additional debug
messages that were added when troubleshooting.

Let's commit this script as we've already had some positive reports.

What made you increase to 10000 tries? The chance of failing after 1000
is (255/256)**1000 ≈ 2%. Was that too high a failure rate or was it for
some other reason?

David Fifield
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]