Nmap Development mailing list archives
Re: [PATCH]+[NSE Script] DNS open recursion (CVE-1999-0024)
From: Diman Todorov <diman.todorov () chello at>
Date: Sat, 9 Sep 2006 18:20:56 +0200
I patched NSE 4.20ALPHA4 with a patch from the lua-users mailinglist to support bitwise operations. I did not review the license (probably same as lua) or the security of the patch[3]. The dns-test-open-recursion.lua script requires the patch. See [1] for patches and downloads. [1] http://groebert.org/felix/pub/nmap/nmap-4.20ALPHA4-NSE-bitops.patch [3] http://lua-users.org/lists/lua-l/2006-06/msg00350.html http://lua-users.org/lists/lua-l/2006-06/gzvGlPinly6j.gz
Do you think you could make do with Reuben's bitlib? http://rrt.sc3d.org/Software/Lua/ It seems a lot more elegant to me to use a separate lib instead of mucking about in the interpreter itself. That way we can update our lualib without losing bitops. cheers Diman _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [PATCH]+[NSE Script] DNS open recursion (CVE-1999-0024) Felix Groebert (Aug 18)
- Re: [PATCH]+[NSE Script] DNS open recursion (CVE-1999-0024) Kevin Johnson (Aug 18)
- Re: [PATCH]+[NSE Script] DNS open recursion (CVE-1999-0024) Diman Todorov (Sep 05)
- Re: [PATCH]+[NSE Script] DNS open recursion (CVE-1999-0024) Diman Todorov (Sep 09)