2012年5月22日

[installer 3224] nmap-6.00


Nmap 6.00 が出ています。
# まだ触れられていないようなので。

・nmap-6.00
  http://nmap.org/
  http://nmap.org/dist/nmap-6.00.tgz


Nmap 6.00

o Most important release since Nmap 5.00 in July 2009! For a list of
the most significant improvements and new features, see the
announcement at: http://nmap.org/6

o In XML output, <osclass> elements are now child elements of the
<osmatch> they belong to. Old output was thus:
<os><osclass/><osclass/>...<osmatch/><osmatch/>...</os>
New output is:
<os><osmatch><osclass/><osclass/>...</osmatch>...</os>
The option --deprecated-xml-osclass restores the old output, in case
you use an Nmap XML parser that doesn't understand the new
structure. The xmloutputversion has been increased to 1.04.

o Added a new <target> element to XML output that indicates when a
target specification was ignored, perhaps because of a syntax error
or DNS failure. It looks like this:
<target specification="1.2.3.4.5" status="skipped" reason="invalid"/>
[David Fifield]

o [NSE] Added the script samba-vuln-cve-2012-1182 which detects the
SAMBA pre-auth remote root vulnerability (CVE-2012-1182).
[Aleksandar Nikolic]

o [NSE] Added http-vuln-cve2012-1823.nse, which checks for PHP CGI
installations with a remote code execution vulnerability. [Paulino
Calderon]

o [NSE] Added script targets-ipv6-mld that sends a malformed ICMP6 MLD Query
to discover IPv6 enabled hosts on the LAN. [Niteesh Kumar]

o [NSE] Added rdp-vuln-ms12-020.nse by Aleksandar Nikolic. This tests
for two Remote Desktop vulnerabilities, including one allowing
remote code execution, that were fixed in the MS12-020 advisory.

o [NSE] Added a stun library and the scripts stun-version and stun-info, which
extract version information and the external NAT:ed address.
[Patrik Karlsson]

o [NSE] Added the script duplicates which attempts to determine duplicate
hosts by analyzing information collected by other scripts. [Patrik Karlsson]

o Fixed the routing table loop on OS X so that on-link routes appear.
Previously, they were ignored so that things like ARP scan didn't
work. [Patrik Karlsson, David Fifield]

o Upgraded included libpcap to version 1.2.1.

o [NSE] Added ciphers from RFC 5932 and Fortezza-based ciphers to
ssl-enum-ciphers.nse. The patch was submitted by Darren McDonald.

o [NSE] Renamed hostmap.nse to hostmap-bfk.nse.

o Fixed a compilation problem on Solaris 9 caused by a missing
definition of IPV6_V6ONLY. Reported by Dagobert Michelsen.

o Setting --min-parallelism by itself no longer forces the maximum
parallelism to the same value. [Chris Woodbury, David Fifield]

o Changed XML output to show the "service" element whenever a tunnel
is discovered for a port, even if the service behind it was unknown.
[Matt Foster]

o [Zenmap] Fixed a crash that would happen in the profile editor when
the script.db file doesn't exist. The bug was reported by Daniel
Miller.

o [Zenmap] It is now possible to compare scans having the same name or
command line parameters. [Jah, David Fifield]

o Fixed an error that could occur with ICMPv6 probes and -d4 debugging:
"Unexpected probespec2ascii type encountered" [David Fifield]

o [NSE] Added new script http-chrono, which measures min, max and average
response times of web servers. [Ange Gutek]

o Applied a workaround to make pcap captures work better on Solaris
10. This involves peeking at the pcap buffer to ensure that captures
are not being lost. A symptom of the previous behavior was that,
when doing ARP host discovery against two targets, only one would be
reported as up. [David Fifield]

o Fixed a bug that could cause Nsock timers to fire too early. This
could happen for the timed probes in IPv6 OS detection, causing an
incorrect measurement of the TCP_ISR feature. [David Fifield]

o [Zenmap] We now build on Windows with a newer version of PyGTK, so
copy and paste should work again.

o Changed the way timeout calculations are made in the IPv6 OS engine.
In rare cases a certain interleaving of probes and responses would
result in an assertion failure.

投稿者 xml-rpc : 2012年5月22日 09:31
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/110548
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。