Nmap Development mailing list archives
Aleksandar's status report #13 of 17
From: Aleksandar Nikolic <nikolic.alek () gmail com>
Date: Mon, 23 Jul 2012 23:23:06 +0200
Hi all, this is my status report for the last week. Last week saw some improvements to http-slowloris which we came up with while testing. As you may guess, testing this against a live server is not a very good idea, so there were few issues with the original version. I've also added ssl support to the script. Apart from that, I've written a ms10-054 vulnerability script. Unfortunately, I was unable to find a way to test for this vulnerability without crashing the server, so the script is dangerous as it causes BSOD on vulnerable machines. This week in queue are another smb vulnerability, ms10-061, which I've started working on today. This is not a memory corruption vulnerability so it will be possible to test for it in a safe, although intrusive, way. Next will be ssl-date script which should grab a date and time from the server as many TLS implementations include that in their initial ServerHello. To everybody in Vegas this week, have a good time! Aleksandar _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Aleksandar's status report #13 of 17 Aleksandar Nikolic (Jul 23)