Nmap Development mailing list archives

[BUG] Crash in db2-das-info.nse when DB2 Discovery mode is disabled.


From: Tom Sellers <nmap () fadedcode net>
Date: Tue, 15 Feb 2011 18:22:16 -0600

All,
    I just made a change to the db2-das-info script to fix a bug and
wanted to provide a bit more context.  Here is the SVN commit text:

***********************************************************************

Addressed a condition in db2-das-info.nse where the script would crash
if the DB2 DAS service had discovery mode disabled.  While the service
would be listening, the data would be in an unexpected format.  This
caused the script to crash at line 412 when it tried to extract the
server profile from the DB2 response (db2response.info variable).

I will likely tweak the hard setting of the ports in the block that
follows after I perform more testing to verify that it behaves as
expected - Tom

***********************************************************************

It turns out that the DB2 Administrative Server that we were gathering
tons of data from can be reconfigured to be less *sharing*.  Here is
some information on how to configure the service so as to limit what it
shares:

http://publib.boulder.ibm.com/infocenter/db2luw/v9r7/index.jsp?topic=/com.ibm.db2.luw.admin.config.doc/doc/r0007717.html

When DB2 is configured in this way, our script breaks on this.  Today's
change just adds a bit of fault tolerance to the code.  The block of
code just below what was changed hard sets the port service, version,
etc.  I will likely move this block outside of the if statement; I am
just not comfortable doing so until I perform more testing.

Thanks much,

Tom

