Re: nmap-2.54b3+V-2.2

[Fyodor <fyodor () insecure org>]

On Mon, 28 Aug 2000, Jay Freeman (saurik) wrote:

> nmap-2.54b3+V-2.2 compiles without warnings using g++.  As Fyoder continues
> to break this, I am going to continue to fix it :-).  There are lots of
> modifications to signed/unsigned declarations, triple checked all const
> modifiers, got rid of an annoying variables named ?try?, etc..

I would be happy to apply any patches for making Nmap C++-clean to the
main tree.  Just send them my way.  Otherwise, I'll try to remember to vet
out C++ problems before the next release.

> This version, like the unannounced version 2.1, has support for pulling
> times off of NTP servers (as requested by the nmap-web guy).  I also added a
> few more nmap-versions rules to this release, most notably Exchange POP and
> IMAP server detection.

Cool!  If nobody on this list finds any showstopper issues in the next day
or so, you might want to send an announcement to nmap-hackers .  That list
is 50X as large as nmap-dev . 

You might also want to let them know what versions are vulnerable to the
alleged Nmap+V buffer overflow root hole at
http://inferno.tusculum.edu/~typo/banfuq.c .  Are all 2.X versions safe?  
I've been getting a lot of worried mail about this.  I assume you have
too.

> this on any port other than the standard 8009 (which isn?t in nmap-services,

OK, I just added it.

Cheers,
-Fyodor


---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).