Home | Docs | Forums | Lists | Bugs | Planet | Store | GMN | Get Gentoo!
Not eligible to see or edit group visibility for this bug.
View Bug Activity | Format For Printing | XML | Clone This Bug
3.95 o Fixed a crash in IPID Idle scan. Thanks to Ron (iago(a)valhallalegends.com>, Bakeman (bakeman(a)physics.unr.edu), and others for reporting the problem. o Fixed an inefficiency in RPC scan that could slow things down and also sometimes resulted in the spurious warning message: "Unable to find listening socket in get_rpc_results" o Fixed a 3.94ALPHA3 bug that caused UDP scan results to be listed as TCP ports instead. Thanks to Justin M Cacak (jcacak(a)nebraska.edu) for reporting the problem. 3.94ALPHA3 o Updated NmapFE to build with GTK2 rather than obsolete GTK1. Thanks to Mike Basinger (dbasinge(a)speakeasy.net) and Meethune Bhowmick (meethune(a)oss-institute.org) for developing the patch. I made some changes as well to prevent compilation warnings. The new NmapFE now seems to work, though I do get "Gtk-CRITICAL" assertion error messages. If someone has time to look into this, that would be appreciated. o Fixed a compilation problem on Mac OS X and perhaps other platforms with a one-line fix to scan_engine.cc. Thanks to Felix Gröbert (felix(a)groebert.org) for notifying me of the problem. o Fixed a problem that prevented the command "nmap -sT -PT <targets>" from working from a non-privileged user account. The -PT option doesn't change default behavior in this case, but Nmap should (and now does) allow it. o Applied another VS 2005 compatability patch from KX (kxmail(a)gmail.com). o Define INET_ADDRSTRLEN in tcpip.h if the system doesn't define it for us. This apparently aids compilation on Solaris 2.6 and 7. Thanks to Albert Chin (nmap-hackers(a)mlists.thewrittenword.com) for sending the patch.. 3.94ALPHA2 o Put Nmap on a diet, with changes to the core port scanning routine (ultra_scan) to substantially reduce memory consumption, particularly when tens of thousands of ports are scanned. o Fixed a problem with the -S and option on Windows reporting "Failed to resolve/decode supposed IPv4 source address". The -D (decoy) option was probably broken on that platform too. Thanks to KX (kxmail(a)gmail.com) for reporting the problem and tracking down a potential solution. o Better handle ICMP type 3, code 0 (network unreachable) responses to port scan packets. These are rarely seen when scanning hosts that are actually online, but are still worth handling. o Applied some small fixes so that Nmap compiles with Visual C++ 2005 Express, which is free from Microsoft at http://msdn.microsoft.com/vstudio/express/visualc/ . Thanks to KX (kxmail(a)gmail.com) and Sina Bahram (sbahram(a)nc.rr.com) o Removed foreign translations of the old man page from the distribution. Included the following contributed translations (nroff format) of the new man page: Brazilian Portuguese by Lucien Raven (lucienraven(a)yahoo.com.br) Portuguese (Portugal) by José Domingos (jd_pt(a)yahoo.com) and Andreia Gaita (shana.ufie(a)gmail.com). o Added --thc option (undocumented) o Modified libdnet-stripped/src/eth-bsd.c to allow for up to 128 bpf devices rather than 32. This prevents errors like "Failed to open ethernet interface (fxp0)" when there are more than 32 interface aliases. Thanks to Krok (krok(a)void.ru) for reporting the problem and even sending a patch. 3.94ALPHA1 o Wrote a new man page from scratch. It is much more comprehensive (more than twice as long) and (IMHO) better organized than the previous one. Read it online at http://www.insecure.org/nmap/man/ or docs/nmap.1 from the Nmap distribution. Let me know if you have any ideas for improving it. o Wrote a new "help screen", which you get when running Nmap without arguments. It is also reproduced in the man page and at http://www.insecure.org/nmap/data/nmap.usage.txt . I gave up trying to fit it within a 25-line, 80-column terminal window. It is now 78 lines and summarizes all but the most obscure Nmap options. o Version detection softmatches (when Nmap determines the service protocol such as smtp but isn't able to determine the app name such as Postfix) can now parse out the normal match line fields such as hostname, device type, and extra info. For example, we may not know what vendor created an sshd, but we can still parse out the protocol number. This was a patch from Doug Hoyte (doug(a)hcsw.org). o Fixed a problem which caused UDP version scanning to fail to print the matched service. Thanks to Martin Macok (martin.macok(a)underground.cz) for reporting the problem and Doug Hoyte (doug(a)hcsw.org) for fixing it. o Made the version detection "ports" directive (in nmap-service-probes) more comprehensive. This should speed up scans a bit. The patch was done by Doug Hoyte (doug(a)hcsw.org). o Added the --webxml option, which does the same thing as --stylesheet http://www.insecure.org/nmap/data/nmap.xsl , without requiring you to remember the exact URL or type that whole thing. o Fixed a crash occured when the --exclude option was used with netmasks on certain platforms. Thanks to Adam (nmapuser(a)globalmegahost.com) for reporting the problem and to Greg Darke (starstuff(a)optusnet.com.au) for sending a patch (I modified the patch a bit to make it more efficient). o Fixed a problem with the -S and -e options (spoof/set source address, and set interface by name, respectively). The problem report and a partial patch were sent by Richard Birkett (richard(a)musicbox.net). o Fixed a possible aliasing problem in tcpip.cc by applying a patch sent in by Gwenole Beauchesne (gbeauchesne(a)mandriva.com). This problem shouldn't have had any effect on users since we already include the -fno-strict-aliasing option whenever gcc 4 is detected, but it brings us closer to being able to remove that option. o Fixed a bug that caused Nmap to crash if an nmap-service-probes file was used which didn't contain the Exclude directive. o Fixed a bunch of typos and misspellings throughout the Nmap source code (mostly in comments). This was a 625-line patch by Saint Xavier (skyxav(a)skynet.be). o Nmap now accepts target list files in Windows end-of-line format (\r\n) as well as standard UNIX format (\n) on all platforms. Passing a Windows style file to Nmap on UNIX didn't work before unless you ran dos2unix first. o Removed Identd scan support from NmapFE since Nmap no longer supports it. Thanks to Jonathan Dieter (jdieter99(a)gmx.net) for the patch. o Integrated all of the September version detection fingerprint submissions. This was done by Version Detection Czar Doug Hoyte (doug(a)hcsw.org) and resulted in 86 new match lines. Please keep those submissions coming! o Fixed a divide-by-zero crash when you specify rather bogus command-line arguments (a TCP scan with zero tcp ports). Thanks to Bart Dopheide (dopheide(a)fmf.nl) for identifying the problem and sending a patch. o Fixed a minor syntax error in tcpip.h that was causing problems with GCC 4.1. Thanks to Dirk Mueller (dmuell(a)gmx.net) for reporting the problem and sending a fix. Reproducible: Always Steps to Reproduce:
3.95 o Fixed a crash in IPID Idle scan. Thanks to Ron (iago(a)valhallalegends.com>, Bakeman (bakeman(a)physics.unr.edu), and others for reporting the problem. o Fixed an inefficiency in RPC scan that could slow things down and also sometimes resulted in the spurious warning message: "Unable to find listening socket in get_rpc_results" o Fixed a 3.94ALPHA3 bug that caused UDP scan results to be listed as TCP ports instead. Thanks to Justin M Cacak (jcacak(a)nebraska.edu) for reporting the problem. 3.94ALPHA3 o Updated NmapFE to build with GTK2 rather than obsolete GTK1. Thanks to Mike Basinger (dbasinge(a)speakeasy.net) and Meethune Bhowmick (meethune(a)oss-institute.org) for developing the patch. I made some changes as well to prevent compilation warnings. The new NmapFE now seems to work, though I do get "Gtk-CRITICAL" assertion error messages. If someone has time to look into this, that would be appreciated. o Fixed a compilation problem on Mac OS X and perhaps other platforms with a one-line fix to scan_engine.cc. Thanks to Felix Gröbert (felix(a)groebert.org) for notifying me of the problem. o Fixed a problem that prevented the command "nmap -sT -PT <targets>" from working from a non-privileged user account. The -PT option doesn't change default behavior in this case, but Nmap should (and now does) allow it. o Applied another VS 2005 compatability patch from KX (kxmail(a)gmail.com). o Define INET_ADDRSTRLEN in tcpip.h if the system doesn't define it for us. This apparently aids compilation on Solaris 2.6 and 7. Thanks to Albert Chin (nmap-hackers(a)mlists.thewrittenword.com) for sending the patch.. 3.94ALPHA2 o Put Nmap on a diet, with changes to the core port scanning routine (ultra_scan) to substantially reduce memory consumption, particularly when tens of thousands of ports are scanned. o Fixed a problem with the -S and option on Windows reporting "Failed to resolve/decode supposed IPv4 source address". The -D (decoy) option was probably broken on that platform too. Thanks to KX (kxmail(a)gmail.com) for reporting the problem and tracking down a potential solution. o Better handle ICMP type 3, code 0 (network unreachable) responses to port scan packets. These are rarely seen when scanning hosts that are actually online, but are still worth handling. o Applied some small fixes so that Nmap compiles with Visual C++ 2005 Express, which is free from Microsoft at http://msdn.microsoft.com/vstudio/express/visualc/ . Thanks to KX (kxmail(a)gmail.com) and Sina Bahram (sbahram(a)nc.rr.com) o Removed foreign translations of the old man page from the distribution. Included the following contributed translations (nroff format) of the new man page: Brazilian Portuguese by Lucien Raven (lucienraven(a)yahoo.com.br) Portuguese (Portugal) by José Domingos (jd_pt(a)yahoo.com) and Andreia Gaita (shana.ufie(a)gmail.com). o Added --thc option (undocumented) o Modified libdnet-stripped/src/eth-bsd.c to allow for up to 128 bpf devices rather than 32. This prevents errors like "Failed to open ethernet interface (fxp0)" when there are more than 32 interface aliases. Thanks to Krok (krok(a)void.ru) for reporting the problem and even sending a patch. 3.94ALPHA1 o Wrote a new man page from scratch. It is much more comprehensive (more than twice as long) and (IMHO) better organized than the previous one. Read it online at http://www.insecure.org/nmap/man/ or docs/nmap.1 from the Nmap distribution. Let me know if you have any ideas for improving it. o Wrote a new "help screen", which you get when running Nmap without arguments. It is also reproduced in the man page and at http://www.insecure.org/nmap/data/nmap.usage.txt . I gave up trying to fit it within a 25-line, 80-column terminal window. It is now 78 lines and summarizes all but the most obscure Nmap options. o Version detection softmatches (when Nmap determines the service protocol such as smtp but isn't able to determine the app name such as Postfix) can now parse out the normal match line fields such as hostname, device type, and extra info. For example, we may not know what vendor created an sshd, but we can still parse out the protocol number. This was a patch from Doug Hoyte (doug(a)hcsw.org). o Fixed a problem which caused UDP version scanning to fail to print the matched service. Thanks to Martin Macok (martin.macok(a)underground.cz) for reporting the problem and Doug Hoyte (doug(a)hcsw.org) for fixing it. o Made the version detection "ports" directive (in nmap-service-probes) more comprehensive. This should speed up scans a bit. The patch was done by Doug Hoyte (doug(a)hcsw.org). o Added the --webxml option, which does the same thing as --stylesheet http://www.insecure.org/nmap/data/nmap.xsl , without requiring you to remember the exact URL or type that whole thing. o Fixed a crash occured when the --exclude option was used with netmasks on certain platforms. Thanks to Adam (nmapuser(a)globalmegahost.com) for reporting the problem and to Greg Darke (starstuff(a)optusnet.com.au) for sending a patch (I modified the patch a bit to make it more efficient). o Fixed a problem with the -S and -e options (spoof/set source address, and set interface by name, respectively). The problem report and a partial patch were sent by Richard Birkett (richard(a)musicbox.net). o Fixed a possible aliasing problem in tcpip.cc by applying a patch sent in by Gwenole Beauchesne (gbeauchesne(a)mandriva.com). This problem shouldn't have had any effect on users since we already include the -fno-strict-aliasing option whenever gcc 4 is detected, but it brings us closer to being able to remove that option. o Fixed a bug that caused Nmap to crash if an nmap-service-probes file was used which didn't contain the Exclude directive. o Fixed a bunch of typos and misspellings throughout the Nmap source code (mostly in comments). This was a 625-line patch by Saint Xavier (skyxav(a)skynet.be). o Nmap now accepts target list files in Windows end-of-line format (\r\n) as well as standard UNIX format (\n) on all platforms. Passing a Windows style file to Nmap on UNIX didn't work before unless you ran dos2unix first. o Removed Identd scan support from NmapFE since Nmap no longer supports it. Thanks to Jonathan Dieter (jdieter99(a)gmx.net) for the patch. o Integrated all of the September version detection fingerprint submissions. This was done by Version Detection Czar Doug Hoyte (doug(a)hcsw.org) and resulted in 86 new match lines. Please keep those submissions coming! o Fixed a divide-by-zero crash when you specify rather bogus command-line arguments (a TCP scan with zero tcp ports). Thanks to Bart Dopheide (dopheide(a)fmf.nl) for identifying the problem and sending a patch. o Fixed a minor syntax error in tcpip.h that was causing problems with GCC 4.1. Thanks to Dirk Mueller (dmuell(a)gmx.net) for reporting the problem and sending a fix. Reproducible: Always Steps to Reproduce:
Created an attachment (id=74340) [details] nmap-3.95.ebuild NMAP 3.95 ebuild
Added to CVS, thanks.
