Nmap Development mailing list archives
Re: [nmap-svn] r31576 (Nmap NSE vulnerability)
From: Jacek Wielemborek <d33tah () gmail com>
Date: Mon, 28 Jul 2014 15:48:12 +0200
29.07.2013 08:19, commit-mailer () nmap org:
Author: fyodor
Date: Mon Jul 29 06:19:24 2013
New Revision: 31576

Log:
o [NSE] Oops, there was a vulnerability in one of our 437 NSE scripts. If you ran the (fortunately non-default) http-domino-enum-passwords script with the (fortunately also non-default) domino-enum-passwords.idpath parameter against a malicious server, it could cause an arbitrarily named file to be written to the client system. Thanks to Trustwave researcher Piotr Duszynski for discovering and reporting the problem. We've fixed that script, and also updated several other scripts to use a new stdnse.filename_escape function for extra safety. This breaks our record of never having a vulnerability in the 16 years that Nmap has existed, but that's still a fairly good run. [David, Fyodor]

I found this while reading Nmap's license headers:
 * Source is provided to this software because we believe users have a *
 * right to know exactly what a program is going to do before they run it. *
 * This also allows you to audit the software for security holes (none *
 * have been found so far). *

Perhaps it would be appropriate to remove the "(none have been found so far)" part?
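The commit log quoted in this message describes a file on the client being written under a name a malicious server could influence, and a stdnse.filename_escape function introduced as the safeguard. The sketch below is an added example in plain Lua, not the code from r31576 or from stdnse; the function name escape_component, the percent-encoding scheme, the directory and the sample names are all assumptions constructed for illustration.

```lua
-- Added example (not Nmap's code): turn an untrusted string into a single,
-- harmless file name component before joining it to an output directory.
local function escape_component(s)
  -- "." and ".." are meaningful to the filesystem even without separators.
  if s == "." then return "%2e" end
  if s == ".." then return "%2e%2e" end
  -- Percent-encode control characters, both path separators, the characters
  -- Windows treats specially (| < > : " ? *), and "%" itself so that the
  -- encoding stays unambiguous.
  return (s:gsub('[%c/\\|<>:"?*%%]', function(c)
    return string.format("%%%02x", c:byte())
  end))
end

-- Constructed values: an output directory such as a user might pass as an
-- idpath-style argument, and names as a hostile server might return them.
local outdir = "/tmp/domino-ids"
local server_names = {
  "jsmith.id",                 -- benign
  "../../home/user/.profile",  -- traversal with forward slashes
  "..\\..\\autoexec.bat",      -- traversal with backslashes
  "..",                        -- bare parent-directory reference
  "/etc/cron.d/job",           -- absolute path
  "C:evil.id",                 -- drive-relative name on Windows
  "100%.id",                   -- literal percent sign
}

for _, name in ipairs(server_names) do
  -- Unsafe: the server-chosen string is concatenated into the path as-is,
  -- so separators in it select a location outside outdir.
  local unsafe = outdir .. "/" .. name
  -- Safer: after escaping, the result contains no separators and is never
  -- "." or "..", so the file can only be created directly inside outdir.
  local safe = outdir .. "/" .. escape_component(name)
  print(string.format("name:   %s\n  raw:    %s\n  escaped: %s", name, unsafe, safe))
end
```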