Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] New script: qnx-qconn.nse
From: David Fifield <david () bamsoftware com>
Date: Thu, 8 Aug 2013 20:19:42 -0700

On Sun, Jul 28, 2013 at 08:09:37PM +1000, Brendan Coles wrote:
Better late than never. I've implemented all suggested changes. Revised
script attached.

Example output:

8000/tcp open  qconn   qconn remote IDE support
| qnx-qconn:
|   The QNX QCONN daemon allows remote command execution.
|     State: VULNERABLE
|     Risk factor: High
|     Description:
|       The QNX QCONN daemon allows unauthenticated users to execute
arbitrary operating
|       system commands as the 'root' user.
|     References:
|_      http://metasploit.org/modules/exploit/unix/misc/qnx_qconn_exec

Thanks for the script. I renamed it to qconn-exec to match the format of
some other exec scripts, and committed it in r31705.

David Fifield
Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]