Nmap Development mailing list archives
Re: Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Mon, 29 Mar 2010 22:34:04 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 29 Mar 2010 20:11:02 +0200 Patrik Karlsson <patrik () cqure net> wrote:
Hi all, As of a few minutes ago Nmap now detects a critical AFP vulnerability I found during the development of the library. If file sharing is enabled with public shares (default) it allows a remote attacker to read the contents of your home directory without the need to authenticate. If you haven't already, make sure you install Mac Os X 10.6.3, which contains a patch for it. Details on the vulnerability can be found over here: http://www.cqure.net/wp/2010/03/detecting-apple-mac-os-x-afp-vulnerability-cve-2010-0533-with-nmap/#more-359 The scripts are in subversion and require the latest version of the AFP library http://nmap.org/svn/scripts/afp-brute.nse http://nmap.org/svn/scripts/afp-path-vuln.nse http://nmap.org/svn/nselib/afp.lua //Patrik
This is a great find Patrik, congrats on your release. I just gave our machines a scan here and as expected, we had 1635 machines with AFP running. Surprisingly though, only 291 were vulnerable. That seems like a huge discrepancy. There doesn't seem to be enough verbose script output to understand why the other ~1300 machines aren't vulnerable. Thoughts? Brandon -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (GNU/Linux) iEYEARECAAYFAkuxKuMACgkQqaGPzAsl94K9egCfSv+EOEbPfi9xg1Gjg8HrZSdN 0H8AnRYcQgkRNnqLbO39ABj194u8D2KF =ZdrU -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533 Patrik Karlsson (Mar 29)
- Re: Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533 Ron (Mar 29)
- Re: Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533 Patrik Karlsson (Mar 29)
- Re: Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533 Ron (Mar 29)
- Re: Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533 Patrik Karlsson (Mar 29)
- Re: Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533 Ron (Mar 29)
- Re: Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533 Patrik Karlsson (Mar 29)
- Re: Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533 Ron (Mar 29)
- Re: Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533 Patrik Karlsson (Mar 29)
- Re: Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533 Brandon Enright (Mar 29)
- Re: Detecting the Apple Mac OS X AFP vulnerability CVE-2010-0533 Patrik Karlsson (Mar 29)