o [Ncat] The --exec and --sh-exec options now work in UDP mode like
they do in TCP mode: the server handles multiple concurrent clients
and doesn't have to be restarted after each one. Marius Sturm
provided the patch.
estimating the worst-possible-case memory usage (the longest row
length times the number of rows) to a more reasonable dynamic
allocation of memory. Now the buffer is started at 512 bytes and
approximately doubled each time it fills. 512 bytes is a compromise
that was determined empirically. Most regular scans use less than 512
bytes. Scans with -sV and especially -sC tend to use a few k of
memory.
See http://seclists.org/nmap-dev/2009/q1/0782.html for the tests.
response was received, not zero. Because four responses are sufficient, the
message will be printed if one, two, or three responses were received. The
message started being printed with zero responses in r12285, with an unrelated
change.
The message also now includes the IP address of the relevant host and requires
debugging to be enabled.
There used to be some complicated logic to resize the whole window when both
the expanders were closed. Just using a better packing strategy is a better
solution.
taking into account the fact that each row gets a newline appended and
so was reporting less needed memory than actually necessary in very
special cases. Patrick found the issue and reported it in
http://seclists.org/nmap-dev/2009/q1/0735.html
Remove OS "Linux 2.6.18 - 2.6.25".
Remove OS "Linux 2.6.8 - 2.6.20".
Remove OS "OpenWrt (Linux 2.6.19 - 2.6.21)".
Add OS "Archos 605 WiFi video player".
Add OS "Linux 2.6.27 (Ubuntu)".
Add OS "Linux 2.6.22".
Add OS "Linux 2.6.27".
strchr() per David's suggestion. strtok uses static (global) state to
track the string it is parsing. In this case, load_exclude was also
using strtok and calling parse_expr which was wiping out the previous
strtok state. This introduced two bugs: first, only the first exclude
on a line would be loaded from the exclude file, and second, there was
an invalid access into free()'d memory in load_exclude (found with
Valgrind). The use of strtok should be highly discouraged because
these types of bugs are so easy to introduce.
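
The first bug described above (only the first exclude on a line being loaded) can be reproduced in a few lines. This is an added example, not Nmap's code: load_excludes, parse_expr_strtok and parse_expr_strchr are hypothetical, simplified stand-ins for load_exclude and parse_expr, and the exclude line is constructed.

```c
#include <stdio.h>
#include <string.h>

/* Inner parser, buggy form: splits "addr/bits" with strtok, which
 * overwrites the hidden static state the caller's strtok loop relies on. */
static int parse_expr_strtok(char *expr) {
    char *addr = strtok(expr, "/");
    char *bits = strtok(NULL, "/");   /* NULL when there is no netmask */
    (void)bits;
    return addr != NULL;
}

/* Inner parser, fixed form: strchr keeps no state between calls, so the
 * caller's tokenizer position is left alone. */
static int parse_expr_strchr(char *expr) {
    char *slash = strchr(expr, '/');
    if (slash)
        *slash = '\0';                /* expr is now the address part only */
    return *expr != '\0';
}

/* Outer loop: tokenizes one exclude line with strtok and hands each token
 * to the given parser. Returns how many targets were loaded. */
static int load_excludes(const char *line, int (*parse)(char *)) {
    char buf[128];
    int loaded = 0;

    strncpy(buf, line, sizeof buf - 1);
    buf[sizeof buf - 1] = '\0';
    for (char *tok = strtok(buf, " \t,"); tok; tok = strtok(NULL, " \t,"))
        loaded += parse(tok);
    return loaded;
}

int main(void) {
    /* Constructed sample line with three exclude targets. */
    const char *line = "192.168.0.1 10.0.0.0/8 172.16.0.1";

    printf("inner strtok: %d of 3 loaded\n",
           load_excludes(line, parse_expr_strtok));
    printf("inner strchr: %d of 3 loaded\n",
           load_excludes(line, parse_expr_strchr));
    return 0;
}
```

With the strtok-based inner parser the outer loop stops after the first target, because the inner call leaves the shared state at the end of that token.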
from
21/tcp is open, was filtered.
23/tcp is open, was filtered.
80/tcp is open, was filtered.
8701/tcp is filtered, was open.
to
-21/tcp filtered
+21/tcp open ftp Netgear broadband router ftpd 1.0
-23/tcp filtered
+23/tcp open telnet Netgear broadband router admin telnetd
-80/tcp filtered
+80/tcp open http Embedded Allegro RomPager webserver 4.07 UPnP/1.0 (ZyXEL ZyWALL 2)
-8701/tcp open unknown
+8701/tcp filtered
addr_stob didn't handle the special case of the sa_len member of
struct sockaddr being equal to 0 and accessed unrelated memory past
the end of the sockaddr. A symptom of this was the fatal error
nexthost: failed to determine route to ...
which was caused by the default route being assigned a netmask other
than 0.0.0.0.
that didn't produce any host output (like "nmap --iflist") and then
tried to remove it from the inventory. [David]
The crash looked like
ValueError: list.remove(x): x not in list
the DiffHunk class with a type tag. Now output is handled with polymorphism
rather than dispatching with if/else. It also better shows what members each
hunk type has.