Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: PR #1449 - Fix "attempt to call a nil value" in http-vuln-cve2017-5638.nse

From: Scott Myers <scott () scottmyers me>
Date: Tue, 29 Jan 2019 13:33:53 -0800
When scanning for hosts vulnerable to cve2017-5638, I received the following error trace:

nmap --script http-vuln-cve2017-5638 10.X.X.X -n -d
...
NSE: Script scanning 10.X.X.X.
NSE: Starting runlevel 1 (of 1) scan.
Initiating NSE at 20:44
NSE: Starting http-vuln-cve2017-5638 against 10.200.13.156:80.
NSE: http-vuln-cve2017-5638 against 10.200.13.156:80 threw an error!
...cal/bin/../share/nmap/scripts/http-vuln-cve2017-5638.nse:65: attempt to call a nil value (field 'rand_alpha')
stack traceback:
 ...cal/bin/../share/nmap/scripts/http-vuln-cve2017-5638.nse:65: in function 
<...cal/bin/../share/nmap/scripts/http-vuln-cve2017-5638.nse:41>
 (...tail calls...)
...


The script was calling rand.rand_alpha() when it should have been calling rand.random_alpha().



This is my first PR for this project. If there is any more information required, please let me know. Thanks!



https://github.com/nmap/nmap/pull/1449
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: