------------------------------------------------------------------------
r22234 | david | 2011-02-11 14:33:33 -0800 (Fri, 11 Feb 2011) | 4 lines
Add an openssl guard around the require of tns in oracle-brute and
oracle-enum-users. The tns library makes a call to
openssl.rand_pseudo_bytes at its top level.
------------------------------------------------------------------------
r22232 | david | 2011-02-11 14:28:18 -0800 (Fri, 11 Feb 2011) | 4 lines
Put an openssl guard around the importing of ssh2 in
ssh2-enum-algos.nse. Otherwise it fail in --script-updatedb when
configured --without-openssl.
------------------------------------------------------------------------
r22230 | david | 2011-02-11 13:38:49 -0800 (Fri, 11 Feb 2011) | 3 lines
Allow whitespace at the end of the go_to_host pattern. On Windows,
there's a '\r' at the end of the string, so the pattern didn't match.
MAC address matched the expected address, and if so, take that as a preliminary
match before checking the description string for a stronger match. But if
retrieving the the MAC address failed completely, it was still being accepted
as a preliminary match, and would prevent later matches with only the MAC
address from being accepted.
o [NSE] Fixed a bug in the nrpe-enum script that would make it run for
every port (when it was selected, which it was not by default).
Daniel Miller reported the bug. [Patrick]
snmp-interfaces.host into the prerule and out of the action. Otherwise,
being default, this is the only script that runs during the prescan by
default.
matches multiple versions of Windows. So,
Fingerprint Microsoft Windows XP or Windows Server 2003
not
Fingerprint Microsoft Windows XP or Server 2003
I used the second form to save space, but it turns out there are already
more fingerprints using the first format. These were contributed by
Xavier Sudre.
This will no longer match against the generic "X-Powered-By: PHP" (rare?), but that never gave us a version number anyway, so you could consider that a bug too.
We don't currently check for variations such as "Zend Core/2.0.1 PHP/5.2.1", so that could be added in the future, but at least the http-headers script will reveal the X-Powered-By header anyway.
The wsdd library incorrectly assumed OpenSSL to always be available and the
ssh-hostkey used the undeclared SCRIPT_NAME in message when evaluating SSL
support. The bug was reported by Michael Pattrick on nmap-dev:
http://seclists.org/nmap-dev/2011/q1/312
[Patrik]
