Generally, when we know the specific name of a web server, for example,
running on an embedded system, we prefer to list the server itself in
p// and v//, and the hardware in i//, like so:
match m|| p/thttpd/ v/$1/ i/Foobar 2000 ADSL router http config/
But it's very common that match lines instead look like this:
match m|| p/Foobar 2000 ADSL router http config/ i/thttpd $1/
This commit fixes many of these, with assistance from sv-tidy.

sv-tidy complains:
8487: can't parse m regex (bad character range): |^HTTP/1\.0 405 Method Not Allowed\r\nServer: Membase Server ([\w-.]+)\r\nPragma:|
8488: can't parse m regex (bad character range): |^HTTP/1\.0 405 Method Not Allowed\r\nServer: Couchbase Server ([\w-.]+)\r\nPragma:|

These options look contradictory, but --disable-arp-ping is really an
option to disable *implicit* ARP ping when you haven't asked for it.
Actually requesting ARP should still do ARP scan. The contradiction that
remains is the option name --disable-arp-ping, which doesn't exactly do
what it says.
The idea here is that you can just throw --disable-arp-ping at the end
of your command lines, and implicit ARP scan will always be disabled,
and any command using -PR will continue to work.

Send large groups of ciphers and eliminate chosen ones until the server
gives up. This results in far fewer exchanges than trying every cipher
individually.
Also fixed a bug introduced in r26521 where failing to send NULL
compressor results in a rejected handshake, and updated the list of
ciphers from 213 to 359.
http://seclists.org/nmap-dev/2012/q3/156
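
The group-and-eliminate cipher enumeration described in the commit message above, as an added example that is not Nmap's own code. A simulated server stands in for the TLS handshake; the group size of 64, the placeholder cipher names and all function names are assumptions.

```python
# Added illustration with a simulated server (no network I/O); all names are hypothetical.
def make_server(supported):
    """Return a fake handshake(offered) -> chosen cipher, or None when rejected."""
    def handshake(offered):
        handshake.calls += 1
        # Server-preference order: first supported cipher the client offered.
        return next((c for c in supported if c in offered), None)
    handshake.calls = 0
    return handshake

def enumerate_grouped(handshake, candidates, group_size=64):
    """Offer ciphers in groups, dropping each chosen cipher until the server gives up."""
    accepted = []
    for start in range(0, len(candidates), group_size):
        group = list(candidates[start:start + group_size])
        while group:
            chosen = handshake(group)
            if chosen is None:          # handshake rejected: nothing left in this group
                break
            if chosen not in group:     # misbehaving server; stop instead of looping forever
                raise ValueError(f"server chose unoffered cipher {chosen!r}")
            accepted.append(chosen)
            group.remove(chosen)
    return accepted

def enumerate_individually(handshake, candidates):
    """Baseline: one handshake per candidate cipher."""
    return [c for c in candidates if handshake([c]) == c]

def demo():
    # Constructed input: 359 placeholder cipher names, 12 of them supported by the server.
    candidates = [f"CIPHER_{i:03d}" for i in range(359)]
    supported = candidates[::30][::-1]
    grouped_server = make_server(supported)
    single_server = make_server(supported)
    grouped = enumerate_grouped(grouped_server, candidates)
    single = enumerate_individually(single_server, candidates)
    assert set(grouped) == set(single) == set(supported)
    return grouped_server.calls, single_server.calls, grouped

if __name__ == "__main__":
    grouped_calls, single_calls, _ = demo()
    print(f"grouped: {grouped_calls} handshakes, individual: {single_calls}")
```

With this constructed input the grouped strategy needs 18 handshakes (one per accepted cipher plus one rejection per group) against 359 for the one-per-cipher baseline.
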
It's used two times, in two separate blocks of the function. Therefore it was
declared twice (once per block), then got moved to the top level, but the second
declaration was forgotten somehow.
This doesn't actually change anything (identical objdump -d diff) but makes the code
nicer.

2.2.22 as vulnerable.
The corresponding ChangeLog entry for Apache 2.2.22 says:
"""
Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20:
A range of '0-' will now return 206 instead of 200.
"""
https://issues.apache.org/bugzilla/show_bug.cgi?id=51878

This should speed up crawling certain sites. In the case of http-email-harvest it should reduce some of the false positives generated by running the RegEx against binary data. The only script that this appears likely to have affected the results of would have been http-sitemap-generator and that script specifically disables the blacklist.

Updated the type table to include the latest from
http://www.bind9.net/dns-parameters (18 June 2012). Fixed a bug in WKS
parser. Added parsers for NSAP, NSAP-PTR, PX, GPOS, ATMA, KX, A6, DNAME,
SINK (partial), SSHFP, and SPF.

http://seclists.org/nmap-dev/2012/q3/56. r29134 already addressed the issue but
was incomplete.
This replaces r29134 with an engine-agnostic approach, and additionally enforces
the reset of IOD flags before use or re-use.

New types: MD, MF, MB, MG, MR, WKS, HINFO, MINFO, RP, AFSDB, X25, ISDN,
RT, NAPTR. Several of these are obsolete/experimental. RP, AFSDB, and
NAPTR can be tested against zonetransfer.me. WKS (Well Known Services)
is very interesting, but little used, and not tested.