python-dev package in a certain error situation. Previously the
error message it printed was misleading:
error: invalid Python installation: unable to open
/usr/lib/python2.6/config/Makefile (No such file or directory)
The change was suggested by Aaron Leininger.
should prevent name collisions with internal but exported functions
in shared libraries Nmap links against (e.g. adler32() in zlib).
Such collisions seem to confuse the runtime linker on some platforms.
[Daniel Roethlisberger]
attempt to reduce the number of warnings like "Warning: Servicescan
failed to fill info_template...". Parts of this change include:
o Improved the text of the warning to be less confusing
o Increased the internal version info buffer to 256 chars from 128
o Increased the final version string length to 160 from 128 chars
o Changed the behavior when constructing the final version string so
that if it runs out of space, rather than dropping the output of that
template it truncates the template with ...
o Fixed the printing of unneeded spaces between templates when one of the
templates isn't going to be printed at all.
viewer. Apparently old versions of Nmap can return a state of
"unknown". This prevents this crash:
File "radialnet\gui\NodeNotebook.pyo", line 107, in __init__
File "radialnet\gui\NodeNotebook.pyo", line 257, in __create_widgets
KeyError: u'unknown'
scans. This is the code that prints
Host ... appears to be up.
Host ... appears to be down.
Host ... appears to be up ... good.
Host ... appears to be down, skipping it
Except that now these messages are uniform and are
Host ... is up.
Host ... is down.
In addition, the host state --reason information is printed for port
scans just as for ping scans, which appears to have been an oversight
before.
terminated with an error was fixed. The message was
File "zenmapGUI\DiffCompare.pyo", line 331, in check_ndiff_process
UnboundLocalError: local variable 'error_test' referenced before assignment
File "zenmapGUI\SearchGUI.pyo", line 582, in operator_changed
KeyError: "Syst\xc3\xa8me d'Exploitation"
The text could be different, because the error was caused by
translating a string that was also being used as an index into an
internal data structure. The string will be untranslated until that
part of the code can be rewritten.
nmap-service-probes. This replaces an incomplete set of specific match
lines, though a few of those have been retained where they might give
information on the OS or SSL implementation. There is also a new probe
that works against SSLv2-only servers. The patch is from Kristof
Boeynaems.
or target: search over hosts that had a MAC address. [David] The
crash output was
File "zenmapCore\SearchResult.pyo", line 86, in match_keyword
File "zenmapCore\SearchResult.pyo", line 183, in match_target
TypeError: argument of type 'NoneType' is not iterable
fingerprints: U1.RUL, U1.TOS, IE.DLI, IE.SI, and IE.TOSI. URL, DLI,
and SI were found not be helpful in distinguishing operating systems
because they didn't vary. TOS and TOSI were disabled in 4.85BETA1
but now they are not included in prints at all.
o [Ncat] The --exec and --sh-exec options now work in UDP mode like
they do in TCP mode: the server handles multiple concurrent clients
and doesn't have to be restarted after each one. Marius Sturm
provided the patch.
There used to be some complicated logic to resize the whole window when both
the expanders were closed. Just using a better packing strategy is a better
solution.
strchr() per David's suggestion. strtok uses static (global) state to
track the string it is parsing. In this case, load_exclude was also
using strtok and calling parse_expr which was wiping out the previous
strtok state. This introduce two bugs, first, only the first exclude
on a line would be loaded from the exclude file, and second, there was
an invalid access into free()'d memory in load_exclude (found with
Valgrind). The use of strtok should be highly discouraged because
these types of bugs are so easy to introduce.
addr_stob didn't handle the special case of the sa_len member of
struct sockaddr being equal to 0 and accessed unrelated memory past
the end of the sockaddr. A symptom of this was the fatal error
nexthost: failed to determine route to ...
which was caused by the default route being assigned a netmask other
than 0.0.0.0.
that didn't produce any host output (like "nmap --iflist") and then
tried to remove it from the inventory. [David]
The crash looked like
ValueError: list.remove(x): x not in list
purposes of output. What this means is that the port name will not be
"unknown?" or "ssl/unknown?" if version detection failed to find a match, but
simply "unknown" or "ssl/unknown".
SSL-tunneled port didn't respond to any version probes. Now it keeps "ssl/" as
an indication that SSL was discovered, even if the service behind it wasn't
identified. Kristof Boeynaems reported the problem and contributed a patch.
