[NSE] http-cisco-anyconnect fires on all SSL ports

[nnposter () users sourceforge net]

The port rule for http-cisco-anyconnect is causing the script to run
against all SSL ports, which seems excessive. As an example, it is
loudly erroring out on  FTPS servers. Review of the supporting library,
anyconnect.lua, shows that the relevant handshake communication is
based on HTTP. Moreover, the official Cisco AnyConnect documentation
states that the only TCP ports used are 80 and 443.

http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect31/administration/guide/anyconnectadmin31/ac10adminreqs.html#99554

Following the same argument, it does not seem necessary for the port
rule to use sslcert.isPortSupported() because this function will return
nil for HTTP ports.

Please let me know if I am missing anything. Otherwise please consider
the attached patch.


Cheers,
nnposter

P.S. https://github.com/nmap/nmap/issues/62

Attachment: http-cisco-anyconnect.patch
Description:

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/