Nmap Development mailing list archives
4.85BETA6 Available
From: Fyodor <fyodor () insecure org>
Date: Tue, 31 Mar 2009 16:14:38 -0700
Hi folks! After making some improvements over the last day to the Conficker detection scripts and other parts of Nmap, we're pleased to release Nmap 4.85BETA6! Our download servers have been swamped for the last day, so I'd like to thank Brandon at USCD for mirroring help. You can find the goods at: http://nmap.org/download.html Though if you want more information about using the Conficker detection script, you should start here instead: http://insecure.org/ Here are the CHANGES since the BETA5 release yesterday: o Fixed some bugs with the Conficker detection script (smb-check-vulns) [Ron]: o SMB response timeout raised to 20s from 5s to compensate for slow/overloaded systems and networks. o MSRPC now only signs messages if OpenSSL is available (avoids an error). o Better error checking for MS08-067 patch o Fixed forgotten endian-modifier (caused problems on big-endian systems such as Solaris on SPARC). o Host status messages (up/down) are now uniform between ping scanning and port scanning and include more information. They used to vary slightly, but now all look like Host <host> is up (Xs latency). Host <host> is down. The new latency information is Nmap's estimate of the round trip time. In addition, the reason for a host being up is now printed for port scans just as for ping scans, with the --reason option. [David] o Version detection now has a generic match line for SSLv3 servers, which matches more servers than the already-existing set of specific match lines. The match line found 13% more SSL servers in a test. Note that Nmap will not be able to do SSL scan-through against a small fraction of these servers, those that are SSLv3-only or TLSv1-only, because that ability is not yet built into Nsock. There is also a new version detection probe that works against SSLv2-only servers. These have shown themselves to be very rare, so that probe is not sent by default. Kristof Boeynaems provided the patch and did the testing. o [Zenmap] A typo that led to a crash if the ndiff subprocess terminated with an error was fixed. [David] The message was File "zenmapGUI\DiffCompare.pyo", line 331, in check_ndiff_process UnboundLocalError: local variable 'error_test' referenced before assignment o [Zenmap] A crash was fixed: File "zenmapGUI\SearchGUI.pyo", line 582, in operator_changed KeyError: "Syst\xc3\xa8me d'Exploitation" The text could be different, because the error was caused by translating a string that was also being used as an index into an internal data structure. The string will be untranslated until that part of the code can be rewritten. [David] o [Zenmap] A bug was fixed that caused a crash when doing a keyword: or target: search over hosts that had a MAC address. [David] The crash output was File "zenmapCore\SearchResult.pyo", line 86, in match_keyword File "zenmapCore\SearchResult.pyo", line 183, in match_target TypeError: argument of type 'NoneType' is not iterable o Fixed a bug which prevented all comma-separated --script arguments from being shown in Nmap normal and XML output files where they show the original Nmap command. [David] o Fixed ping scanner's runtime statistics system so that instead of saying "0 undergoing Ping Scan" it gives the actual number of hosts in the group (e.g. 4096). [David] o [Zenmap] A crash was fixed in displaying the "Error creating the per-user configuration directory" dialog: File "zenmap", line 104, in <module> File "zenmapGUI\App.pyo", line 129, in run UnicodeDecodeError: 'utf8' codec can't decode bytes in position 43-45: invalid data The crash would only happen to users with paths containing multibyte characters in a non-UTF-8 locale, who also had some error preventing the creation of the directory. [David] Enjoy! Fyodor _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- 4.85BETA6 Available Fyodor (Mar 31)