Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Python27.dll Used In Windows Nmap Is Insecure

From: Ron <ron () skullsecurity net>
Date: Tue, 5 Jun 2012 10:39:35 -0500
I'm not an expert, but since Nmap isn't using Python as a web service - only for a local GUI - it sounds like a 
non-issue to me. 

That being said, it never hurts to have the latest DLL versions, assuming they are compatible. 

Ron

On Tue, 05 Jun 2012 18:20:41 +1000 Liam <liamtr () gmail com> wrote:

Hi,
There are security issues with python27.dll which is distributed in
the latest versions of Nmap for Windows. See here:
http://secunia.com/advisories/48347/

Quote:
"Some vulnerabilities have been reported in Python, which can be 
exploited by malicious people to disclose potentially sensitive 
information, hijack a user's session, and cause a DoS (Denial of
Service)."

I haven't done any testing myself so i cannot confirm if these issues 
would specifically impact Windows Nmap users, but i figured i would 
report the issue none the less and let you guys look into it.

Regards,

Liam
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: