o [NSE] Applied patch from Daniel Miller that fixes a bug in http-form-brute

reported by Josh Greenwood. The script would break if autodetection of
  either brute form fields would fail.

  http://seclists.org/nmap-dev/2011/q2/524

CHANGELOG

@@ -1,5 +1,9 @@
 # Nmap Changelog ($Id$); -*-text-*-
 
+o [NSE] Applied patch from Daniel Miller that fixes a bug in http-form-brute
+  reported by Josh Greenwood. The script would break if autodetection of
+  either brute form fields would fail.
+
 o [NSE] Added a SIP library and two new scripts sip-brute.nse and
   sip-user-enum.nse providing brute and user enumeration support for the SIP
   protocol. [Patrik]

scripts/http-form-brute.nse

@@ -132,10 +132,14 @@ action = function( host, port )
 	local uservar = nmap.registry.args['http-form-brute.uservar']
 	local passvar = nmap.registry.args['http-form-brute.passvar']
   	local path = nmap.registry.args['http-form-brute.path'] or "/"
-	local status, result, engine
+	local status, result, engine, _
 
-	if ( not(uservar) or not(passvar) ) then
+	if ( not(uservar) and not(passvar) ) then
 		uservar, passvar = detectFormFields( host, port, path )
+	elseif ( not(uservar) ) then
+		uservar, _ = detectFormFields( host, port, path )
+	elseif ( not(passvar) ) then
+		_, passvar = detectFormFields( host, port, path )
 	end
 	if ( not( uservar ) ) then
 		return "  \n  ERROR: No uservar was specified (see http-form-brute.uservar)"