Nmap Development mailing list archives
Re: [NSE] Check for CVE-2010-4221 - ProFTPD Server stack overflow
From: Henri Doreau <henri.doreau () greenbone net>
Date: Thu, 30 Jun 2011 20:21:42 +0200
2011/6/30 Djalal Harouni <tixxdz () opendz org>:
After more tests I'll commit it tomorrow, thanks.
Thanks Djalal, I have successfully tested the script against the following systems - ProFTPD 1.3.2rc4 on Linux x86_64 (vulnerable) - ProFTPD 1.3.3b on FreeBSD x86_64 (vulnerable) As well as this one: - ProFTPD 1.3.4rc2 (devel) on Linux x86_64 (not vulnerable) For this last case the script doesn't generate a false positive but I get: "ftp-vuln-cve2010-4221: this is not ProFTPD server." despite -sV correctly detected ProFTPD. Maybe this script could offer an option to force the more intrusive checks and/or use port.version.product if available. Regards. -- Henri Doreau | Greenbone Networks GmbH | http://www.greenbone.net Neuer Graben 17, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Executive Directors: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] Check for CVE-2010-4221 - ProFTPD Server stack overflow Djalal Harouni (Jun 30)
- Re: [NSE] Check for CVE-2010-4221 - ProFTPD Server stack overflow Henri Doreau (Jun 30)
- Re: [NSE] Check for CVE-2010-4221 - ProFTPD Server stack overflow Djalal Harouni (Jun 30)
- Re: [NSE] Check for CVE-2010-4221 - ProFTPD Server stack overflow Djalal Harouni (Jun 30)
- Re: [NSE] Check for CVE-2010-4221 - ProFTPD Server stack overflow Djalal Harouni (Jun 30)
- Re: [NSE] Check for CVE-2010-4221 - ProFTPD Server stack overflow Henri Doreau (Jun 30)