pkgsrc/net/nmap
adam 8b6441bc4e Nmap 7.50
o [Windows] Updated the bundled Npcap from 0.78 to 0.91, with several bugfixes
  for WiFi connectivity problems and stability issues. [Daniel Miller, Yang Luo]

o Integrated all of your service/version detection fingerprints submitted from
  September to March (855 of them). The signature count went up 2.9% to 11,418.
  We now detect 1193 protocols from apachemq, bro, and clickhouse to jmon,
  slmp, and zookeeper. Highlights: http://seclists.org/nmap-dev/2017/q2/140

o [NSE] Added 14 NSE scripts from 12 authors, bringing the total up to 566!
  They are all listed at https://nmap.org/nsedoc/, and the summaries are below:

o [Ncat] A series of changes and fixes based on feedback from the Red Hat community:

o [NSE][GH-266][GH-704][GH-238][GH-883] NSE libraries smb and msrpc now use
  fully qualified paths. SMB scripts now work against all modern versions
  of Microsoft Windows. [Paulino Calderon]

o [NSE] smb library's share_get_list now properly uses anonymous connections
  first before falling back authenticating as a known user.

o New service probes and matches for Apache HBase and Hadoop MapReduce.
  [Paulino Calderon]

o Extended Memcached service probe and added match for Apache ZooKeeper.
  [Paulino Calderon]

o [NSE] New script argument "vulns.short" will reduce vulns library script
  output to a single line containing the target name or IP, the vulnerability
  state, and the CVE ID or title of the vulnerability. [Daniel Miller]

o [NSE][GH-862] SNMP scripts will now take a community string provided like
  `--script-args creds.snmp=private`, which previously did not work because it
  was interpreted as a username. [Daniel Miller]

o [NSE] Resolved several issues in the default HTTP redirect rules:
    - [GH-826] A redirect is now cancelled if the original URL contains
      embedded credentials
    - [GH-829] A redirect test is now more careful in determining whether
      a redirect destination is related to the original host
    - [GH-830] A redirect is now more strict in avoiding possible redirect
      loops
  [nnposter]

o [NSE][GH-766] The HTTP Host header will now include the port unless it is
  the default one for a given scheme. [nnposter]

o [NSE] The HTTP response object has a new member, fragment, which contains
  a partially received body (if any) when the overall request fails to
  complete. [nnposter]

o [NSE][GH-866] NSE now allows cookies to have arbitrary attributes, which
  are silently ignored (in accordance with RFC 6265). Unrecognized attributes
  were previously causing HTTP requests with such cookies to fail. [nnposter]

o [NSE][GH-844] NSE now correctly parses a Set-Cookie header that has unquoted
  whitespace in the cookie value (which is allowed per RFC 6265). [nnposter]

o [NSE][GH-731] NSE is now able to process HTTP responses with a Set-Cookie
  header that has an extraneous trailing semicolon. [nnposter]

o [NSE][GH-708] TLS SNI now works correctly for NSE HTTP requests initiated
  with option any_af. As an added benefit, option any_af is now available for
  all connections via comm.lua, not just HTTP requests. [nnposter]

o [NSE][GH-781] There is a new common function, url.get_default_port(),
  to obtain the default port number for a given scheme. [nnposter]

o [NSE][GH-833] Function url.parse() now returns the port part as a number,
  not a string. [nnposter]

o No longer allow ICMP Time Exceeded messages to mark a host as down during
  host discovery. Running traceroute at the same time as Nmap was causing
  interference. [David Fifield]

o [NSE][GH-807] Fixed a JSON library issue that was causing long integers
  to be expressed in the scientific/exponent notation. [nnposter]

o [NSE] Fixed several potential hangs in NSE scripts that used
  receive_buf(pattern), which will not return if the service continues to send
  data that does not match pattern. A new function in match.lua, pattern_limit,
  is introduced to limit the number of bytes consumed while searching for the
  pattern. [Daniel Miller, Jacek Wielemborek]

o [Nsock] Handle any and all socket connect errors the same: raise as an Nsock
  error instead of fatal. This prevents Nmap and Ncat from quitting with
  "Strange error from connect:" [Daniel Miller]

o [NSE] Added several commands to redis-info to extract listening addresses,
  connected clients, active channels, and cluster nodes. [Vasiliy Kulikov]

o [NSE][GH-679][GH-681] Refreshed script http-robtex-reverse-ip, reflecting
  changes at the source site (www.robtex.com). [aDoN]

o [NSE][GH-620][GH-715] Added 8 new http-enum fingerprints for Hadoop
  infrastructure components. [Thomas Debize, Varunram Ganesh]

o [NSE][GH-629] Added two new fingerprints to http-default-accounts
  (APC Management Card, older NetScreen ScreenOS) [Steve Benson, nnposter]

o [NSE][GH-716] Fix for oracle-tns-version which was sending an invalid TNS
  probe due to a string escaping mixup. [Alexandr Savca]

o [NSE][GH-694] ike-version now outputs information about supported attributes
  and unknown vendor ids. Also, a new fingerprint for FortiGate VPNs was
  submitted by Alexis La Goutte. [Daniel Miller]

o [GH-700] Enabled support for TLS SNI on the Windows platform. [nnposter]

o [GH-649] New service probe and match lines for the JMON and RSE services of
  IBM Explorer for z/OS. [Soldier of Fortran]

o Removed a duplicate service probe for Memcached added in 2011 (the original
  probe was added in 2008) and reported as duplicate in 2013 by Pavel Kankovsky.

o New service probe and match line for NoMachine NX Server remote desktop.
  [Justin Cacak]

o [Zenmap] Fixed a recurring installation problem on OS X/macOS where Zenmap
  was installed to /Applications/Applications/Zenmap.app instead of
  /Applications/Zenmap.app.

o [Zenmap][GH-639] Zenmap will no longer crash when no suitable temporary
  directory is found. Patches contributed by [Varunram Ganesh] and [Sai Sundhar]

o [Zenmap][GH-626] Zenmap now properly handles the -v0 (no output) option,
  which was added in Nmap 7.10. Previously, this was treated the same as not
  specifying -v at all. [lymanZerga11]

o [GH-630] Updated or removed some OpenSSL library calls that were deprecated
  in OpenSSL 1.1. [eroen]

o [NSE] Script ssh-hostkey now recognizes and reports Ed25519 keys [nnposter]

o [NSE][GH-627] Fixed script hang in several brute scripts due to the "threads"
  script-arg not being converted to a number. Error message was
  "nselib/brute.lua:1188: attempt to compare number with string" [Arne Beer]
2017-06-14 09:26:29 +00:00
..
patches nmap: update to 7.30 2016-10-14 15:11:16 +00:00
DESCR
distinfo Nmap 7.50 2017-06-14 09:26:29 +00:00
Makefile Nmap 7.50 2017-06-14 09:26:29 +00:00
options.mk Add python-3.6 to incompatible versions. 2017-01-01 14:43:22 +00:00
PLIST Nmap 7.50 2017-06-14 09:26:29 +00:00