Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: GSoC 2012 Project - Vulnerability and exploitation specialist

From: Aleksandar Nikolic <nikolic.alek () gmail com>
Date: Mon, 26 Mar 2012 02:26:45 +0200
Hi,

I've updated the script with your suggestions.
Here's the sample output:

3389/tcp open  ms-wbt-server
| rdp-ms12-020:
|   VULNERABLE:
|   MS12-020 Remote Desktop Protocol Vulnerability
|     State: VULNERABLE
|     IDs:  CVE:CVE-2012-0152,CVE-2012-0002
|     Risk factor: High  CVSSv2: 9.3 (HIGH) (AV:N/AC:M/Au:N/C:C/I:C/A:C)
|     Description:
|               Remote Desktop Protocol vulnerability that could allow
remote attackers to execute arbitrary code on the targeted system.
|
|     Disclosure date: 2012-03-13
|     References:
|       http://technet.microsoft.com/en-us/security/bulletin/ms12-020
|_
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0152,CVE-2012-0002

I've fully commented all magic bytes, and added references to MSDN where
available.
Hope this clears things up a bit. Of course, if further details
are needed, I would be more than happy to answer.

My regards,
Aleksandar Nikolic

Attachment: rdp-ms12-020.nse
Description: 

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: