Nmap Development mailing list archives
epoch time overflow in stdnse.lua triggered by ssl-cert.nse due to long life certificates
From: nmap () bunten de
Date: Tue, 22 Apr 2014 09:29:41 +0200 (CEST)
Hi,I got quite a few of these errors while scanning and using ssl-cert NSE script:
| NSE: ssl-cert against xx.x.xx.xx:8443 threw an error! | /usr/local/bin/../share/nmap/nselib/stdnse.lua:408: attempt to | perform arithmetic on a nil value | stack traceback: | /usr/local/bin/../share/nmap/nselib/stdnse.lua:408: | in function 'date_to_timestamp' | /usr/local/bin/../share/nmap/scripts/ssl-cert.nse:196: | in function 'output_tab' | /usr/local/bin/../share/nmap/scripts/ssl-cert.nse:241: | in function </usr/local/bin/../share/nmap/scripts/ssl-cert.nse:235> | (...tail calls...) from nmap/nselib/stdnse.lua -> | function date_to_timestamp(date, offset) | offset = offset or 0 | return os.time(date) + utc_offset(os.time(date)) - offset <--- line 408 | endThe certificate just scanned was issued 2014-03-25 and is valid until 2044-03-17. The certificate was automagically created by an appliance. I guess anything beyond 2038-01-19 is problematic due to epoch overflow and
the bug is not confined to the ssl-cert NSE script. Is there an easy fix? Regards Andreas _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- epoch time overflow in stdnse.lua triggered by ssl-cert.nse due to long life certificates nmap (Apr 22)