cvs commit: ports/security/nmap Makefile distinfo pkg-plist ports/security/nmap/files patch-libnetutil__netutil.cc

Olli Hauer ohauer at FreeBSD.org
Thu May 24 16:30:44 UTC 2012 

ohauer      2012-05-24 16:30:44 UTC

  FreeBSD ports repository

  Modified files:
    security/nmap        Makefile distinfo pkg-plist 
  Added files:
    security/nmap/files  patch-libnetutil__netutil.cc 
  Log:
  - update to version 6.00
  
  Changelog:
  ==========
  Nmap 6.00
  
  o Most important release since Nmap 5.00 in July 2009! For a list of
    the most significant improvements and new features, see the
    announcement at: http://nmap.org/6
  
  o In XML output, <osclass> elements are now child elements of the
    <osmatch> they belong to. Old output was thus:
      <os><osclass/><osclass/>...<osmatch/><osmatch/>...</os>
    New output is:
      <os><osmatch><osclass/><osclass/>...</osmatch>...</os>
    The option --deprecated-xml-osclass restores the old output, in case
    you use an Nmap XML parser that doesn't understand the new
    structure. The xmloutputversion has been increased to 1.04.
  
  o Added a new <target> element to XML output that indicates when a
    target specification was ignored, perhaps because of a syntax error
    or DNS failure. It looks like this:
      <target specification="1.2.3.4.5" status="skipped" reason="invalid"/>
    [David Fifield]
  
  o [NSE] Added the script samba-vuln-cve-2012-1182 which detects the
    SAMBA pre-auth remote root vulnerability (CVE-2012-1182).
    [Aleksandar Nikolic]
  
  o [NSE] Added http-vuln-cve2012-1823.nse, which checks for PHP CGI
    installations with a remote code execution vulnerability. [Paulino
    Calderon]
  
  o [NSE] Added script targets-ipv6-mld that sends a malformed ICMP6 MLD Query
    to discover IPv6 enabled hosts on the LAN. [Niteesh Kumar]
  
  o [NSE] Added rdp-vuln-ms12-020.nse by Aleksandar Nikolic. This tests
    for two Remote Desktop vulnerabilities, including one allowing
    remote code execution, that were fixed in the MS12-020 advisory.
  
  o [NSE] Added a stun library and the scripts stun-version and stun-info, which
    extract version information and the external NAT:ed address.
    [Patrik Karlsson]
  
  o [NSE] Added the script duplicates which attempts to determine duplicate
    hosts by analyzing information collected by other scripts. [Patrik Karlsson]
  
  o Fixed the routing table loop on OS X so that on-link routes appear.
    Previously, they were ignored so that things like ARP scan didn't
    work. [Patrik Karlsson, David Fifield]
  
  o Upgraded included libpcap to version 1.2.1.
  
  o [NSE] Added ciphers from RFC 5932 and Fortezza-based ciphers to
    ssl-enum-ciphers.nse. The patch was submitted by Darren McDonald.
  
  o [NSE] Renamed hostmap.nse to hostmap-bfk.nse.
  
  o Fixed a compilation problem on Solaris 9 caused by a missing
    definition of IPV6_V6ONLY. Reported by Dagobert Michelsen.
  
  o Setting --min-parallelism by itself no longer forces the maximum
    parallelism to the same value. [Chris Woodbury, David Fifield]
  
  o Changed XML output to show the "service" element whenever a tunnel
    is discovered for a port, even if the service behind it was unknown.
    [Matt Foster]
  
  o [Zenmap] Fixed a crash that would happen in the profile editor when
    the script.db file doesn't exist. The bug was reported by Daniel
    Miller.
  
  o [Zenmap] It is now possible to compare scans having the same name or
    command line parameters. [Jah, David Fifield]
  
  o Fixed an error that could occur with ICMPv6 probes and -d4 debugging:
    "Unexpected probespec2ascii type encountered" [David Fifield]
  
  o [NSE] Added new script http-chrono, which measures min, max and average
    response times of web servers. [Ange Gutek]
  
  o Applied a workaround to make pcap captures work better on Solaris
    10. This involves peeking at the pcap buffer to ensure that captures
    are not being lost. A symptom of the previous behavior was that,
    when doing ARP host discovery against two targets, only one would be
    reported as up. [David Fifield]
  
  o Fixed a bug that could cause Nsock timers to fire too early. This
    could happen for the timed probes in IPv6 OS detection, causing an
    incorrect measurement of the TCP_ISR feature. [David Fifield]
  
  o [Zenmap] We now build on Windows with a newer version of PyGTK, so
    copy and paste should work again.
  
  o Changed the way timeout calculations are made in the IPv6 OS engine.
    In rare cases a certain interleaving of probes and responses would
    result in an assertion failure.
  
  Revision  Changes    Path
  1.136     +1 -1      ports/security/nmap/Makefile
  1.86      +2 -2      ports/security/nmap/distinfo
  1.1       +21 -0     ports/security/nmap/files/patch-libnetutil__netutil.cc (new)
  1.38      +11 -2     ports/security/nmap/pkg-plist

More information about the cvs-all mailing list