The checks for conficker and ms08_067 check for a specific status code
of 0x00000057, but do so by the name mapping to this value rather than
by value.
The name of this value was changed from NT_STATUS_WERR_UNKNOWN_57 to
NT_STATUS_WERR_INVALID_PARAMETER in r24847, breaking these tests because
they were still searching for the "UNKNOWN_57" string.
This error was reported by Kit Peters.
http://seclists.org/nmap-dev/2012/q4/125

Debian can also run on the FreeBSD kernel. I changed o/Linux/ to o/Unix/
and added the debian_kfreebsd CPE to most match lines that mentioned
Debian. I excepted a few that said explicitly "Debian GNU/Linux".

I changed the hop distance calculation in r26791 to include the end
host, so that a directly connected target would be a distance 1, not 0,
and so on. But I didn't adjust the calculation of the T test value to
compensate. I noticed this in a lot of OS submissions that were directly
connected having an estimated initial TTL of T=41, i.e., 65 rather than
64.
http://seclists.org/nmap-dev/2011/q3/796

This reflects a deprecation in the official CPE dictionary, which seems
to have happened on 2012-03-08.
    <cpe-item deprecation_date="2012-03-08T20:00:15.120Z" deprecated_by="cpe:/o:linux:linux_kernel:2.6.0" deprecated="true" name="cpe:/o:linux:kernel:2.6.0">
      <title xml:lang="en-US">Linux Kernel 2.6.0</title>
      <meta:item-metadata modification-date="2012-03-08T20:00:15.120Z" status="DRAFT" deprecated-by-nvd-id="35565" nvd-id="91585" />
    </cpe-item>

This caused an error message when compiled with Clang 3.1:
    traceroute.cc:173:41: note: in instantiation of exception specification for 'map' requested here
    static std::map<struct HopIdent, Hop *> hop_cache;
                                            ^
    traceroute.cc:173:24: note: forward declaration of 'HopIdent'
    static std::map<struct HopIdent, Hop *> hop_cache;
                           ^
Found by arrowdodger. http://seclists.org/nmap-dev/2012/q4/58.

Importing the whole std namespace caused a problem with Clang and the
punning of bind and std::bind.
http://seclists.org/nmap-dev/2012/q4/58
The Web's opinion of "using namespace std" also seems to be more against
than for.

There was an embarrassing bug here added in r28874. In the second of
three calls to get_srcaddr, the interface was being indexed by an index
variable that, in this place, was actually an index into the routes
table. This would in general produce a nonsensical source address or
out-of-bounds access.
The symptom of this problem was the following error messages:
    get_srcaddr: can't connect socket: The requested address is not valid in its context.
    Failed to convert source address to presentation format!?! Error: Unknown error
The first showed that get_srcaddr failed, and the second was caused by
the bogus source address.
http://seclists.org/nmap-dev/2012/q3/859
http://seclists.org/nmap-dev/2012/q4/59

o Moved some specific behavior for resuming a thread to Thread:resume().
o Cleaned up the inheritance mechanism to use a static metatable (the Class
table itself).
o Worker main functions are no longer wrapped with a function to truncate to 0
results. Instead, we just check if a thread is a worker in Thread:set_output()
to prevent adding output by worker threads.