Be sure to get it at http://nmap.org/6!
Nmap 5.50 is out; make sure to check it out. It contains a lot of new NSE stuff, including support for broadcast, pre- and post-rules, and most of the scripts that I, and many others, have created during the last year. For more information, check out the official post: http://seclists.org/nmap-hackers/2011/0
During the development of my AFP library for Nmap I came across a critical vulnerability in Apple’s implementation of AFP on Snow Leopard. The vulnerability occurs due to improper input validation and allows an attacker to access (list, read, and/or write) files in the parent directory of any AFP sharepoint.
I found a security hole in the Asterisk SIP implementation last week. I was happy to hear that it has already been patched and released. The vulnerability allows an attacker to determine whether a given username is valid or not. With knowledge of existing usernames a more efficient password guessing attack can be mounted against the system.
The full advisory can be read here:
I have been working on some very basic VoIP tools lately which, amongst other things, have this attack implemented. I’ll hopefully get to releasing them in the near future.
I have just posted a new tool to the website called krbpwguess. It does exactly what the name suggests, guesses passwords against the Kerberos service. Visit the krbpwguess web page for more information.
I’ve just released a new security testing tool for Kerberos that allows you to guess valid user accounts against the KDC. More information is available under the KrbGuess page which can be found here.