Nmap Announce mailing list archives
Collected responses to: Safe Scanning
From: Fyodor <fyodor () insecure org>
Date: Sun, 26 Mar 2000 16:02:31 -0800 (PST)
Here are some more replies in the nmap-crashing-machines thread. I thought it would be better to collect them all and send as a group rather than let them trickle in one by one (I have also cut out some of the quoting): From: amanda <amanda () wineasy se> Using 'nmap -vO' against an HP-UX 9.04 machine running MC/ServiceGuard (HP's so-called High-Availability Cluster :-) would crash the host everytime a year ago. I think they fixed it in the July or September patch bundle last year. There might have been a buffer overrun that you could have exploited... Amanda. --- From: Donald McLachlan <don () mainframe dgrc crc ca> Seems I've heard of some devices being brought done by nmap scans. If memory serves they were HP printers, and PC's running non-Unix and non-MS O/S's (sorry can't remember which O/S). It seemed nmap -O was the culprit. Don --- From: Christophe GRENIER <grenier () nef esiea fr> I have knock down a Scorpion Marlin from Nautica with SNMP activated using nmap UDP scan. nmap -sU -p 161 pont-vesale freeze it. --- From: The Unicorn <unicorn () blackhats org> I guess you never came across any DGUX systems? I recently tested a big LAN with a lot of these and they froze (inetd) when you threw -O to them. Just have a look at the bugtraq archive where the blackhats advisory on this is stored. --- Cheers, Fyodor
Current thread:
- Collected responses to: Safe Scanning Fyodor (Mar 26)