Nmap Development mailing list archives
Re: Apache killer (was: [NSE] New script and email update patch)
From: Henri Doreau <henri.doreau () greenbone net>
Date: Mon, 29 Aug 2011 23:43:54 +0200
Hi, 2011/8/29 Duarte Silva <duarte.silva () serializing me>:
Hi, should this script be considered intrusive? Its such low profile that it doesn't seem to make sense. New version in the attachments, regards, Duarte Silva
As this script is harmless, I have removed the "intrusive" flag and added "safe" and "default" to follow what seems to be the common scheme (like realvnc-auth-bypass or http-vmware-path-vuln). I have also made the following modifications: - Changed the debug message line 70 to handle cases where hostname is nil (replaced by "hostname or host.ip"). - Fixed a logic error: missing "not" in "if not response.status" line 68. - Added comments. - Changed ["Range"] to Range in the request_opt.header table (cosmetic). - Updated the output messages: return a highly visible "VULNERABLE" if the server is affected, don't return anything otherwise (unless debug is set). More consistent output for vulnerability detection scripts should be provided soon by the vulns library. - Updated the @output section. Modified script checked in as r26238, thanks again! Regards. -- Henri _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Apache killer (was: [NSE] New script and email update patch) Henri Doreau (Aug 26)
- Re: Apache killer (was: [NSE] New script and email update patch) Duarte Silva (Aug 26)
- Re: Apache killer (was: [NSE] New script and email update patch) Duarte Silva (Aug 29)
- Re: Apache killer (was: [NSE] New script and email update patch) Duarte Silva (Aug 29)
- Re: Apache killer (was: [NSE] New script and email update patch) Henri Doreau (Aug 29)
- Re: Apache killer (was: [NSE] New script and email update patch) Duarte Silva (Aug 29)
- Re: Apache killer (was: [NSE] New script and email update patch) Henri Doreau (Aug 29)
- Re: Apache killer (was: [NSE] New script and email update patch) David Fifield (Aug 29)
- Re: Apache killer (was: [NSE] New script and email update patch) Duarte Silva (Aug 29)
- Re: Apache killer (was: [NSE] New script and email update patch) Henri Doreau (Aug 29)
- Re: Apache killer (was: [NSE] New script and email update patch) Fyodor (Sep 07)
- Re: Apache killer (was: [NSE] New script and email update patch) Duarte Silva (Aug 29)
- Re: Apache killer (was: [NSE] New script and email update patch) Duarte Silva (Aug 26)