sv-tidy complains:
8487: can't parse m regex (bad character range): |^HTTP/1\.0 405 Method Not Allowed\r\nServer: Membase Server ([\w-.]+)\r\nPragma:|
8488: can't parse m regex (bad character range): |^HTTP/1\.0 405 Method Not Allowed\r\nServer: Couchbase Server ([\w-.]+)\r\nPragma:|
These options look contradictory, but --disable-arp-ping is really an
option to disable *implicit* ARP ping when you haven't asked for it.
Actually requesting ARP should still do ARP scan. The contradiction that
remains is the option name --disable-arp-ping, which doesn't exactly do
what it says.
The idea here is that you can just throw --disable-arp-ping at the end
of your command lines, and implicit ARP scan will always be disabled,
and any command using -PR will continue to work.
Send large groups of ciphers and eliminate chosen ones until the server
gives up. This results in far fewer exchanges than trying every cipher
individually.
Also fixed a bug introduced in r26521 where failing to send NULL
compressor results in a rejected handshake, and updated the list of
ciphers from 213 to 359.
http://seclists.org/nmap-dev/2012/q3/156
It's used two times, in two separate blocks of the function. Therefore it was
declared twice (once per block), then got moved toplevel but the second
declaration was forgotten somehow.
This doesn't actually change anything (identical objdump -d diff) but makes code
nicer.
2.2.22 as vulnerable.
The corresponding ChangeLog entry for Apache 2.2.22 says:
"""
Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20:
A range of '0-' will now return 206 instead of 200.
"""
https://issues.apache.org/bugzilla/show_bug.cgi?id=51878
This should speed up crawling certain sites. In the case of http-email-harvest it should reduce some of the false positives generated by running the RegEx against binary data. The only script that this appears likely to have affected the results of would have been http-sitemap-generator and that script specifically disables the blacklist.
Updated the type table to include the latest from
http://www.bind9.net/dns-parameters (18 June 2012). Fixed a bug in WKS
parser. Added parsers for NSAP, NSAP-PTR, PX, GPOS, ATMA, KX, A6, DNAME,
SINK (partial), SSHFP, and SPF.
http://seclists.org/nmap-dev/2012/q3/56. r29134 already addressed the issue but
was incomplete.
This replaces r29134 with an engine-agnostic approach, and additionally enforces
the reset of IOD flags before use or re-use.
New types: MD, MF, MB, MG, MR, WKS, HINFO, MINFO, RP, AFSDB, X25, ISDN,
RT, NAPTR. Several of these are obsolete/experimental. RP, AFSDB, and
NAPTR can be tested against zonetransfer.me. WKS (Well Known Services)
is very interesting, but little used, and not tested.
Some scripts that had been previously modified were updated so that the debug output was consistent.
A few scripts were calling identify_404 with host.ip as opposed to the proper host object. This has been adjusted as well.
./scripts/http-vhosts.nse:502: attempt to concatenate local 'domain' (a
nil value)
stack traceback:
./scripts/http-vhosts.nse:502: in function 'makeTargetName'
./scripts/http-vhosts.nse:542: in function
<./scripts/http-vhosts.nse:532>
(...tail calls...)
that were internally closed and replaced by other ones. This happened during
reconnect attempts.
--
When reconnecting with SSL_OP_NO_SSLv2 (nsock_core.c:472), the libary closes the
fd of the current IOD, and replaces it by a new one.
The man page for epoll_ctl states that a close() on a fd makes it removed from
any epoll set it was in. Therefore, if epoll_ctl(EPOLL_CTL_MOD, ...) returns
ENOENT, we retry with EPOLL_CTL_ADD.
- Always format function name without parens at the beginning of a message.
- Added a nsi_new notification message.
- Only trace the first call to nsi_delete() of a given IOD (i.e. don't log the
calls issued from the resulting callbacks).
