Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [PATCH]+[NSE Script] DNS open recursion (CVE-1999-0024)

From: Diman Todorov <diman.todorov () chello at>
Date: Sat, 9 Sep 2006 18:20:56 +0200

I patched NSE 4.20ALPHA4 with a patch from the lua-users mailinglist
to support bitwise operations. I did not review the license (probably
same as lua) or the security of the patch[3].
The dns-test-open-recursion.lua script requires the patch. See [1] for
patches and downloads.

[1]
http://groebert.org/felix/pub/nmap/nmap-4.20ALPHA4-NSE-bitops.patch

[3]
http://lua-users.org/lists/lua-l/2006-06/msg00350.html
http://lua-users.org/lists/lua-l/2006-06/gzvGlPinly6j.gz


Do you think you could make do with Reuben's bitlib?
http://rrt.sc3d.org/Software/Lua/
It seems a lot more elegant to me to use a separate lib instead of  
mucking about
in the interpreter itself. That way we can update our lualib without  
losing bitops.

cheers
Diman

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: