Nmap Development mailing list archives
Nmap 4.85BETA7 Released!
From: Fyodor <fyodor () insecure org>
Date: Wed, 1 Apr 2009 20:42:51 -0700
I'm pleased to announce the release of Nmap 4.85BETA7. Hopefully it will be the last in this series of daily releases! But as with the last two releases, we wanted to get some Conficker detection improvements out to the people. And as with those other releases, we snuck in some other goodies as well :). You can find the goods here: http://nmap.org/download.html And here are the changes: Nmap 4.85BETA7 [2009-04-1] o Improvements to the Conficker detection script (smb-check-vulns): o Treat any NetPathCanonicalize()return code of 0x57 as indicative of a vulnerable machine. We (and all the other scanners) used to require the 0x57 return code as well as a canonicalized path string including 0x5c450000. Tenable confirmed an infected system which returned a 0x00000000 path, so we now treat any return code of 0x57 as indicative of an infection. [Ron] o Add workaround for crash in older versions of OpenSSL which would occur when we received a blank authentication challenge string from the server. The error looked like: evp_enc.c(282): OpenSSL internal error, assertion failed: inl > 0". [Ron] o Add helpful text for the two most common errors seen in the Conficker check in smb-check-vulns.nse. So instead of saying things like "Error: NT_STATUS_ACCESS_DENIED", output is like: | Conficker: Likely CLEAN; access was denied. | | If you have a login, try using --script-args=smbuser=xxx,smbpass=yyy | | (replace xxx and yyy with your username and password). Also try | |_ smbdomain=zzz if you know the domain. (Error NT_STATUS_ACCESS_DENIED) The other improved message is for NT_STATUS_OBJECT_NAME_NOT_FOUND. [David] o The NSEDoc portal at http://nmap.org/nsedoc/ now provides download links from the script and module pages to browse or download recent versions of the code. It isn't quite as up-to-date as obtaining them from svn directly, but may be more convenient. For an example, see http://nmap.org/nsedoc/scripts/smb-check-vulns.html. [David, Fyodor] o A copy of the Nmap public svn repository (/nmap, plus its zenmap, nsock, nbase, and ncat externals) is now available at http://nmap.org/svn/. We'll be updating this regularly, but it may be slightly behind the SVN version. This is particularly useful when you need to link to files in the tree, since browsers generally don't handle svn:// repository links. [Fyodor] o Declare a couple msrpc.lua variables as local to avoid a potential deadlock between smb-server-stats.nse instances. [Ron] Enjoy! -Fyodor _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Nmap 4.85BETA7 Released! Fyodor (Apr 01)
- Re: Nmap 4.85BETA7 Released! henry . nymann (Apr 02)
- Re: Nmap 4.85BETA7 Released! David Fifield (Apr 02)
- Re: Nmap 4.85BETA7 Released! henry . nymann (Apr 02)
- Re: Nmap 4.85BETA7 Released! David Fifield (Apr 02)
- Re: Nmap 4.85BETA7 Released! henry . nymann (Apr 02)
- Re: Nmap 4.85BETA7 Released! David Fifield (Apr 02)
- Re: Nmap 4.85BETA7 Released! henry . nymann (Apr 02)
- Re: Nmap 4.85BETA7 Released! David Fifield (Apr 02)
- Re: Nmap 4.85BETA7 Released! henry . nymann (Apr 02)
- Re: Nmap 4.85BETA7 Released! David Fifield (Apr 02)
- Re: Nmap 4.85BETA7 Released! David Fifield (Apr 02)
- Re: Nmap 4.85BETA7 Released! henry . nymann (Apr 02)