diff --git a/CHANGELOG b/CHANGELOG
index 14ff06960..7498dd8a0 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,8 @@
 # Nmap Changelog ($Id$); -*-text-*-
+o [NSE] Fixed a few bad Lua patterns that could result in denial of service due
+ to excessive backtracking. [Adam Rutherford, Daniel Miller]
+
 o Fixed a bug in port specification parsing that could cause extraneous 'T',
 'U', 'S', and 'P' characters to be ignored when they should have caused an
 error. [David Fifield]
diff --git a/nselib/wsdd.lua b/nselib/wsdd.lua
index dad75e0d3..0aa388321 100644
--- a/nselib/wsdd.lua
+++ b/nselib/wsdd.lua
@@ -135,15 +135,15 @@ Decoders = {
 local response = {}
 -- extracts the messagid, so we can check if we already got a response
- response.msgid = data:match("<.*:MessageID>urn:uuid:(.*)")
+ response.msgid = data:match("<[^:]*:MessageID>urn:uuid:([^<]*)")
 -- if unable to parse msgid return nil
 if ( not(response.msgid) ) then return false, "No message id was found" end
- response.xaddrs = data:match("<.*:*XAddrs>(.*)")
- response.types = data:match("<.*:Types>[wsdp:]*(.*)")
+ response.xaddrs = data:match("<[^:]*:*XAddrs>(.*)")
+ response.types = data:match("<[^:]*:Types>[wsdp:]*(.*)")
 return true, response
 end,
diff --git a/scripts/auth-owners.nse b/scripts/auth-owners.nse
index 2ea717ed3..b51fc0f5a 100644
--- a/scripts/auth-owners.nse
+++ b/scripts/auth-owners.nse
@@ -54,7 +54,7 @@ action = function(host, port)
 local try = nmap.new_try(catch)
- try(client_ident:connect(host, 113))
+ try(client_ident:connect(host, 1113))
 try(client_service:connect(host, port))
 local localip, localport, remoteip, remoteport =
@@ -70,7 +70,7 @@ action = function(host, port)
 owner = nil
 else
 owner = string.match(owner,
- "%d+%s*,%s*%d+%s*:%s*USERID%s*:%s*.+%s*:%s*(.+)\r?\n")
+ "%d+%s*,%s*%d+%s*:%s*USERID%s*:%s*[^:]+%s*:[ \t]*([^\r\n]+)\r?\n")
 end
 try(client_ident:close())
diff --git a/scripts/ip-https-discover.nse b/scripts/ip-https-discover.nse
index 7c2be1d35..140384d95 100644
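Review bot: The `(.*)` captures on the `xaddrs` and `types` lines still run to the end of `data`, so each returns the remainder of the whole message rather than the element text, while `msgid` on the first changed line is now bounded with `[^<]*`. Unless the callers trim these values themselves (not visible here), the same bound belongs on both: `response.xaddrs = data:match("<[^:]*:*XAddrs>([^<]*)")` and `response.types = data:match("<[^:]*:Types>[wsdp:]*([^<]*)")`. The decoder function holding these lines starts outside the hunk; its closing `end,` is the hunk's last line.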
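Review bot: The destination port of the ident lookup changes from 113 to 1113 on the first changed line of the `@@ -54,7 +54,7 @@` hunk, which has nothing to do with a pattern-backtracking fix and looks like a leftover from testing against a local listener. The ident protocol is served on TCP 113, so with this line the script will fail to connect on every real target and never return an owner. Revert it to `try(client_ident:connect(host, 113))`. The `action` function starts and ends outside the hunk.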
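Review bot: In the new pattern of the `@@ -70,7 +70,7 @@` hunk, the `%s*` between `[^:]+` and the following `:` is dead on the success path — `[^:]+` has already consumed any whitespace up to the colon — and only adds backtracking alternatives when the trailing `\r?\n` fails, so `"%d+%s*,%s*%d+%s*:%s*USERID%s*:%s*[^:]+:[ \t]*([^\r\n]+)\r?\n"` is equivalent and tighter. The change also alters what is captured: the old greedy `.+` took the user-id from after the last colon on the line, whereas `[^:]+` now takes everything after the first colon following the opsys field, so user-ids containing `:` come back whole; a comment such as `-- user-id is everything after the opsys field's ':' and may itself contain ':'` would record that. The `action` function starts and ends outside the hunk.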
--- a/scripts/ip-https-discover.nse
+++ b/scripts/ip-https-discover.nse
@@ -70,7 +70,7 @@ action = function(host, port)
 end
 socket:close()
- if string.match(response, 'HTTP/1.1 200%s+.+HTTPAPI/2.0') then
+ if string.match(response, 'HTTP/1.1 200%s.+HTTPAPI/2.0') then
 return true, 'IP-HTTPS is supported. This indicates that this host supports Microsoft DirectAccess.'
 end
 end
diff --git a/scripts/smtp-vuln-cve2010-4344.nse b/scripts/smtp-vuln-cve2010-4344.nse
index 8377ecd43..92b7bf218 100644
--- a/scripts/smtp-vuln-cve2010-4344.nse
+++ b/scripts/smtp-vuln-cve2010-4344.nse
@@ -370,7 +370,7 @@ local function check_exim(smtp_opts)
 for _, line in pairs(stdnse.strsplit("\r?\n", response)) do
 if not smtp_opts.ehlo_host or not smtp_opts.domain_ip then
 smtp_opts.ehlo_host, smtp_opts.domain_ip =
- line:match("%d+.*Hello%s(.*)%s%[(.*)%]")
+ line:match("%d.-Hello%s(.*)%s%[([^]]*)%]")
 end
 if not smtp_server.size then
 smtp_server.size = line:match("%d+%-SIZE%s(%d+)")
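Review bot: The dots in `HTTP/1.1` and `HTTPAPI/2.0` remain unescaped in the new pattern, so `.` matches any byte there; `'HTTP/1%.1 200%s.+HTTPAPI/2%.0'` pins them literally, which is cheap to do while the line is being touched. If `response` begins with the status line (presumably it holds the raw reply), anchoring the pattern with `^` also keeps `string.match` from retrying the whole pattern at every later offset of a long body. The `action` function starts and ends outside the hunk.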
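Review bot: `[^]]*` on the added line reads like a typo but is valid: Lua treats a `]` placed first in a set as a literal, so the class means "anything except `]`"; a short comment such as `-- "[^]]" = any char except ']' (a leading ']' is literal inside a Lua set)` would save the next reader a trip to the manual. The hostname capture `(.*)` is still greedy across the rest of the line, so on a line with more than one ` [` it extends to the last one; since the input was already split per line above, this is a correctness nit rather than a backtracking concern. `check_exim` starts and ends outside the hunk.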