Nmap Development mailing list archives
Re: nmap-4.60 detects cups-1.3.7 under Gentoo Linux as "CUPS 1.2"
From: Sven Klemm <sven () c3d2 de>
Date: Tue, 03 Jun 2008 17:03:47 +0200
Hi
Hi Toralf. These sort of corrections are very useful for us. But we need some further information to apply them. And we have an easy submission form which keeps them all in one place. See:
this is a bug/feature in CUPS it reports the wrong version in the http server header. Changing the order of the cups probes in the nmap-service-probes file fixes the issue and results in the exact version being reported.
I've attached a patch that fixes the issue. Cheers, Sven -- Sven Klemm http://cthulhu.c3d2.de/~sven/
Index: nmap-service-probes =================================================================== --- nmap-service-probes (revision 7895) +++ nmap-service-probes (working copy) @@ -4762,8 +4762,8 @@ match imap m|^\* OK Gimap ready for requests from [\d\.]+ ([\w\d]+)| p/Google Gmail imapd/ i/$1/ # Server: CUPS/1.1 +match ipp m|^HTTP/1\.0 \d\d\d .*<TITLE>Home - CUPS ([\d.]+)</TITLE>.*SUMMARY=\"Common UNIX Printing System|s p/CUPS/ v/$1/ match ipp m|^HTTP/1\.0 \d\d\d .*\r\nServer: CUPS/([-\w_.]+)|s p/CUPS/ v/$1/ -match ipp m|^HTTP/1\.0 \d\d\d .*<TITLE>Home - CUPS ([\d.]+)</TITLE>.*SUMMARY=\"Common UNIX Printing System|s p/CUPS/ v/$1/ match ipp m|^lpd \[@[-.\w]+\]: Host name for your address \([:.\d]+\) is not known\n$| p/CUPS/ match ipp m|^HTTP/1\.0 \d\d\d .*\r\nDate: .*\r\nServer: EPSON-IPP/([\d.]+)\r\nContent-Type: application/ipp\r\nContent-Length: \d+\r\n\r\n| p/Epson ippd/ v/$1/ d/print server/ match ipp m|^HTTP/1\.0 404 Not Found\r\nCache-Control: no-cache\r\nDate: .*\r\nPragma: no-cache\r\nContent-Type: text/html\r\nContent-Length: 91\r\nServer: Web-Server/([\d.]+)\r\n\r\n<HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD>\n<BODY><H1>404 Not Found</H1></BODY></HTML>\0| p/NRG copier or Ricoh Afficio/ i/Embedded Web-Server $1/ d/printer/
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- nmap-4.60 detects cups-1.3.7 under Gentoo Linux as "CUPS 1.2" Toralf Förster (Jun 02)
- Re: nmap-4.60 detects cups-1.3.7 under Gentoo Linux as "CUPS 1.2" Fyodor (Jun 02)
- Re: nmap-4.60 detects cups-1.3.7 under Gentoo Linux as "CUPS 1.2" sara fink (Jun 03)
- Re: nmap-4.60 detects cups-1.3.7 under Gentoo Linux as "CUPS 1.2" Sven Klemm (Jun 03)
- Re: nmap-4.60 detects cups-1.3.7 under Gentoo Linux as "CUPS 1.2" Fyodor (Jun 02)