| non port: security/nmap/pkg-plist |
Number of commits found: 52 |
|
Wednesday, 24 Jan 2024
|
09:33 Cy Schubert (cy) 
security/nmap: Add NLS option
Add a (default) NLS option.
PR: 276580
Original by: Helge Oldach <freebsd@oldach.net>
MFH: 2024Q1
    d7c24e0 |
|
Tuesday, 23 Jan 2024
|
19:56 Muhammad Moinur Rahman (bofh)
security/nmap: Impelled to share/man
Approved by: portmgr (blanket)
f3968b5 |
|
Sunday, 21 May 2023
|
22:13 Cy Schubert (cy)
security/nmap: Update 7.93 --> 7.94
226aaca |
|
Wednesday, 28 Sep 2022
|
15:54 Cy Schubert (cy)
security/nmap: Update to 7.93
PR: 266623
Reported by: takefu@airport.fm
e5274f9 |
|
Monday, 5 Oct 2020
|
11:04 ohauer
- update to 7.90
Relnotes: https://nmap.org/changelog#7.90
  |
|
Monday, 30 Dec 2019
|
12:38 woodsb02
security/nmap: Update to 7.80
- Remove local patches incorporated upstream.
- Add patches to add missing libibverbs dependency when linking
libpcap statically (required to allow build on FreeBSD >= 12.0).
(See similar fix applied to port net-mgmt/dhcdrop in r499639).
Changes this release:
https://seclists.org/nmap-announce/2019/0
Approved by: ohauer (maintainer timeout)
Differential Revision: https://reviews.freebsd.org/D22730
|
|
Saturday, 31 Mar 2018
|
22:22 ohauer
- update to 7.70
- add option for bundled libssh2
- add option for bundled libpcap
- add upstream patch for arp-ioctl.c
- change URL's from http to https
PR: 221522
Submitted by: lightside
|
|
Tuesday, 30 Jan 2018
|
21:02 ohauer
- update to 7.60
- regenerate patches with makepatch
PR: ports/221522
|
|
Wednesday, 21 Dec 2016
|
12:32 ohauer
- update to 7.40
- 12 new NSE scripts
- Hundreds of updated OS and version detection detection signatures
- Faster brute force authentication cracking and other NSE library improvements
Full Changelog:
https://nmap.org/changelog.html
|
|
Thursday, 29 Sep 2016
|
22:21 ohauer
- update to 7.30
Changelog:
https://nmap.org/changelog.html
|
|
Friday, 2 Sep 2016
|
16:06 ohauer
- update nmap to 7.25BETA2
Full Changelog: https://nmap.org/changelog.html
Changelog (very shortened):
Nmap 7.25BETA2 [2016-09-01]
- [NSE] Upgraded NSE to Lua 5.3
- [NSE] Added 2 NSE scripts, bringing the total up to 534!
- Add 587 new fingerprints
- [NSE] Fix a crash when parsing TLS certificates
- [NSE][GH#531] Fix two issues in sslcert.lua
- [NSE][GH#234] Added a --script-timeout option for limiting run time
- [Ncat][GH#444] Added a -z option to Ncat
- [NSE] ssl-enum-ciphers now warn about 64-bit block ciphers in CBC mode
- [NSE][GH#117] Improve tftp-enum
- [GH#472] Avoid an unnecessary assert failure in timing.cc
- [NSE][GH#519] Removed the obsolete script ip-geolocation-geobytes
- [NSE] refresh of almost all fingerprints for script http-default-accounts
- [GH#98] Added support for decoys in IPv6
- Various performance improvements for large-scale high-rate scanning
- [GH#439] Nmap now supports OpenSSL 1.1.0-pre5 and previous versions
- [Ncat] Fix a crash when --exec was used with --ssl and --max-conns
- Improve FTP Bounce scan
- [GH#140] Allow target DNS names up to 254 bytes
- [NSE] Allow bigger hard limit on number of concurrently running scripts
- [NSE] Added the datetime library
- [GH#103][GH#364] Made Nmap's parallel reverse DNS resolver more robust
|
|
Sunday, 17 Jul 2016
|
09:16 ohauer
- update to 7.25BETA1
- s/USE=OPENSSL/USES=ssl/
Some highlighs from the Changelog:
Nmap 7.25BETA1 [2016-07-13]
o [NSE] Added 6 NSE scripts, from 5 authors, bringing the total up to 533!
They are all listed at https://nmap.org/nsedoc/, and the summaries are below
(authors are listed in brackets):
+ clamav-exec detects ClamAV servers vulnerable to unauthorized clamav
command execution. [Paulino Calderon]
+ http-aspnet-debug detects ASP.NET applications with debugging enabled.
[Josh Amishav-Zlatin]
+ http-internal-ip-disclosure determines if the web server leaks its internal
IP address when sending an HTTP/1.0 request without a Host header. [Josh
Amishav-Zlatin]
+ [GH#304] http-mcmp detects mod_cluster Management Protocol (MCMP) and dumps
its configuration. [Frank Spierings]
+ [GH#365] sslv2-drown detects vulnerability to the DROWN attack, including
CVE-2016-0703 and CVE-2016-0704 that enable fast attacks on OpenSSL.
[Bertrand Bonnefoy-Claudet]
+ vnc-title logs in to VNC servers and grabs the desktop title, geometry, and
color depth. [Daniel Miller]
o Integrated all of your IPv4 OS fingerprint submissions from January
to April (539 of them). Added 98 fingerprints, bringing the new total
to 5187. Additions include Linux 4.4, Android 6.0, Windows Server
2016, and more. [Dan Miller]
o Integrated all 31 of your IPv6 OS fingerprint submissions from January to
June. The classifier added 2 groups and expanded several others. Several
Apple OS X groups were consolidated, reducing the total number of groups to
93. [Daniel Miller]
|
|
Thursday, 17 Mar 2016
|
21:29 ohauer
- upate to version 7.10
- remove support for custom IPv4 only kernel [1]
Short summary:
- 12 new NSE scripts
- hundreds of new OS/version fingerprints
- dozens if smaller improvements and bug fixes
Full Changelog:
https://nmap.org/changelog.html
[1] nmap does no longer build agains custom kernel without IPv6!
|
|
Friday, 20 Nov 2015
|
06:32 ohauer
- update to version 7.00
Changelog:
Nmap 7.00 [2015-11-19]
o This is the most important release since Nmap 6.00 back in May 2012!
For a list of the most significant improvements and new features,
see the announcement at: https://nmap.org/7
o [NSE] Added 6 NSE scripts from 6 authors, bringing the total up to 515!
They are all listed at https://nmap.org/nsedoc/, and the summaries are below
(authors are listed in brackets):
+ targets-xml extracts target addresses from previous Nmap XML results files.
[Daniel Miller]
+ [GH#232] ssl-dh-params checks for problems with weak, non-safe, and
export-grade Diffie-Hellman parameters in TLS handshakes. This includes the
LOGJAM vulnerability (CVE-2015-4000). [Jacob Gajek]
+ nje-node-brute does brute-forcing of z/OS JES Network Job Entry node names.
[Soldier of Fortran]
+ ip-https-discover detectings support for Microsoft's IP over HTTPS
tunneling protocol. [Niklaus Schiess]
+ [GH#165] broadcast-sonicwall-discover detects and extracts information from
SonicWall firewalls. [Raphael Hoegger]
+ [GH#38] http-vuln-cve2014-8877 checks for and optionally exploits a
vulnerability in CM Download Manager plugin for Wordpress. [Mariusz Ziulek]
o [Ncat] [GH#151] [GH#142] New option --no-shutdown prevents Ncat from shutting
down when it reads EOF on stdin. This is the same as traditional netcat's
"-d" option. [Adam Saponara]
o [NSE] [GH#229] Improve parsing in http.lua for multiple Set-Cookie headers in
a single response. [nnposter]
|
|
Wednesday, 4 Nov 2015
|
17:30 ohauer
- update to 6.49BETA6
- use new OPTIONS targes
Parts from Changelog [1]
==========================
Nmap 6.49BETA6
o Integrated all of your IPv6 OS fingerprint submissions from April to October
(only 9 of them!). We are steadily improving the IPv6 database, but we need
your submissions. The classifier added 3 new groups, bringing the new total
to 93. Highlights: http://seclists.org/nmap-dev/2015/q4/61 [Daniel Miller]
o Integrated all of your IPv4 OS fingerprint submissions from February to
October (1065 of them). Added 219 fingerprints, bringing the new total to
4985. Additions include Linux 4.1, Windows 10, OS X 10.11, iOS 9, FreeBSD
11.0, Android 5.1, and more. Highlights:
http://seclists.org/nmap-dev/2015/q4/60 [Daniel Miller]
o Integrated all of your service/version detection fingerprints submitted from
February to October (800+ of them). The signature count went up 2.5% to
10293. We now detect 1089 protocols, from afp, bitcoin, and caldav to
xml-rpc, yiff, and zebra. Highlights: http://seclists.org/nmap-dev/2015/q4/62
[Daniel Miller]
o [NSE] Added 10 NSE scripts from 5 authors, bringing the total up to 509!
They are all listed at http://nmap.org/nsedoc/, and the summaries are below
(authors are listed in brackets):
...
[1] https://nmap.org/changelog.html
|
|
Sunday, 27 Sep 2015
|
10:32 ohauer
- update to 6.49BETA5
- use DOCS instead PORTDOCS
- remove gcc workaround [1]
- (hopefully) use the correct __FreeBSD_version for SOCK_RAW
Changelog:
https://nmap.org/changelog.html
PR: 196065 [1]
PR: 200558 [2]
PR: 202139 [3]
Submitted by: sbruno@ , mikael.urankar@gmail.com [1]
Submitted by: truckman@ [2]
Submitted by: trasz@ [3]
|
|
Sunday, 28 Sep 2014
|
19:01 ohauer
- adopt new pkg-plist style
|
|
Saturday, 23 Aug 2014
|
12:29 ohauer
- update to 6.4.7
- add CPE entry
- sort pkg-plist
Changelog (entries related to the command line tools)
Nmap 6.47 [2014-08-20]
o Integrated all of your IPv4 OS fingerprint submissions since June 2013
(2700+ of them). Added 366 fingerprints, bringing the new total to 4485.
Additions include Linux 3.10 - 3.14, iOS 7, OpenBSD 5.4 - 5.5, FreeBSD 9.2,
OS X 10.9, Android 4.3, and more. Many existing fingerprints were improved.
Highlights: http://seclists.org/nmap-dev/2014/q3/325 [Daniel Miller]
o Removed the External Entity Declaration from the DOCTYPE in Nmap's XML. This
was added in 6.45, and resulted in trouble for Nmap XML parsers without
network access, as well as increased traffic to Nmap's servers. The doctype
is now:
<!DOCTYPE nmaprun>
o [Ncat] Fixed SOCKS5 username/password authentication. The password length was
being written in the wrong place, so authentication could not succeed.
Reported with patch by Pierluigi Vittori.
o Avoid formatting NULL as "%s" when running nmap --iflist. GNU libc converts
this to the string "(null)", but it caused segfault on Solaris. [Daniel
Miller]
o Handle ICMP admin-prohibited messages when doing service version detection.
Crash reported by Nathan Stocks was: Unexpected error in NSE_TYPE_READ
callback. Error code: 101 (Network is unreachable) [David Fifield]
o [NSE] Fix a bug causing http.head to not honor redirects. [Patrik Karlsson]
MFH: 2014Q3
|
|
Tuesday, 15 Apr 2014
|
12:12 ohauer
- update to nmap-6.45
Changelog:
http://nmap.org/changelog.html
Most of the changes of version 6.45 where already
adopted in the last port version
|
|
Friday, 11 Apr 2014
|
04:52 ohauer
- update nmap nselib and scripts to upstream revision r32810
The update includes a working script to detect whether a server
is vulnerable to the OpenSSL Heartbleed bug (CVE-2014-0160)
http://nmap.org/nsedoc/scripts/ssl-heartbleed.html
MFH: 2014Q2
|
|
Saturday, 28 Sep 2013
|
15:50 ohauer
- add stage support
|
|
Wednesday, 21 Aug 2013
|
07:42 ohauer
- fix pkg-plist (ja)
|
04:57 ohauer
- update to 6.4.0
- remove patches for EOL FreeBSD releases
- convert to OPTIONS
Changelog:
http://nmap.org/changelog.html
|
|
Sunday, 6 Jan 2013
|
18:42 ohauer
- update nmap to version 6.25
- fix build with clang and stdlib=libc++ [1]
Nmap 6.25 [2012-11-29]
o [NSE] Added CPE to smb-os-discovery output.
o [Ncat] Fixed the printing of warning messages for large arguments to
the -i and -w options. [Michal Hlavinka]
o [Ncat] Shut down the write part of connected sockets in listen mode
when stdin hits EOF, just as was already done in connect mode.
[Michal Hlavinka]
o [NSE] Added new fingerprints for http-enum: Sitecore, Moodle, typo3,
SquirrelMail, RoundCube. [Jesper Kuckelhahn]
o Added some new checks for failed library calls. [Bill Parker]
PR: 172358
174817
Submitted by: arrowdodger <6yearold@gmail.com> [1]
Anders N. <wicked@baot.se> (general update request)
|
|
Thursday, 24 May 2012
|
16:30 ohauer
- update to version 6.00
Changelog:
==========
Nmap 6.00
o Most important release since Nmap 5.00 in July 2009! For a list of
the most significant improvements and new features, see the
announcement at: http://nmap.org/6
o In XML output, <osclass> elements are now child elements of the
<osmatch> they belong to. Old output was thus:
<os><osclass/><osclass/>...<osmatch/><osmatch/>...</os>
New output is:
<os><osmatch><osclass/><osclass/>...</osmatch>...</os>
The option --deprecated-xml-osclass restores the old output, in case
you use an Nmap XML parser that doesn't understand the new
structure. The xmloutputversion has been increased to 1.04.
o Added a new <target> element to XML output that indicates when a
target specification was ignored, perhaps because of a syntax error
or DNS failure. It looks like this:
<target specification="1.2.3.4.5" status="skipped" reason="invalid"/>
[David Fifield]
o [NSE] Added the script samba-vuln-cve-2012-1182 which detects the
SAMBA pre-auth remote root vulnerability (CVE-2012-1182).
[Aleksandar Nikolic]
o [NSE] Added http-vuln-cve2012-1823.nse, which checks for PHP CGI
installations with a remote code execution vulnerability. [Paulino
Calderon]
o [NSE] Added script targets-ipv6-mld that sends a malformed ICMP6 MLD Query
to discover IPv6 enabled hosts on the LAN. [Niteesh Kumar]
o [NSE] Added rdp-vuln-ms12-020.nse by Aleksandar Nikolic. This tests
for two Remote Desktop vulnerabilities, including one allowing
remote code execution, that were fixed in the MS12-020 advisory.
o [NSE] Added a stun library and the scripts stun-version and stun-info, which
extract version information and the external NAT:ed address.
[Patrik Karlsson]
o [NSE] Added the script duplicates which attempts to determine duplicate
hosts by analyzing information collected by other scripts. [Patrik Karlsson]
o Fixed the routing table loop on OS X so that on-link routes appear.
Previously, they were ignored so that things like ARP scan didn't
work. [Patrik Karlsson, David Fifield]
o Upgraded included libpcap to version 1.2.1.
o [NSE] Added ciphers from RFC 5932 and Fortezza-based ciphers to
ssl-enum-ciphers.nse. The patch was submitted by Darren McDonald.
o [NSE] Renamed hostmap.nse to hostmap-bfk.nse.
o Fixed a compilation problem on Solaris 9 caused by a missing
definition of IPV6_V6ONLY. Reported by Dagobert Michelsen.
o Setting --min-parallelism by itself no longer forces the maximum
parallelism to the same value. [Chris Woodbury, David Fifield]
o Changed XML output to show the "service" element whenever a tunnel
is discovered for a port, even if the service behind it was unknown.
[Matt Foster]
o [Zenmap] Fixed a crash that would happen in the profile editor when
the script.db file doesn't exist. The bug was reported by Daniel
Miller.
o [Zenmap] It is now possible to compare scans having the same name or
command line parameters. [Jah, David Fifield]
o Fixed an error that could occur with ICMPv6 probes and -d4 debugging:
"Unexpected probespec2ascii type encountered" [David Fifield]
o [NSE] Added new script http-chrono, which measures min, max and average
response times of web servers. [Ange Gutek]
o Applied a workaround to make pcap captures work better on Solaris
10. This involves peeking at the pcap buffer to ensure that captures
are not being lost. A symptom of the previous behavior was that,
when doing ARP host discovery against two targets, only one would be
reported as up. [David Fifield]
o Fixed a bug that could cause Nsock timers to fire too early. This
could happen for the timed probes in IPv6 OS detection, causing an
incorrect measurement of the TCP_ISR feature. [David Fifield]
o [Zenmap] We now build on Windows with a newer version of PyGTK, so
copy and paste should work again.
o Changed the way timeout calculations are made in the IPv6 OS engine.
In rare cases a certain interleaving of probes and responses would
result in an assertion failure.
|
|
Saturday, 10 Mar 2012
|
12:31 ohauer
- update to version 5.61TEST5
small snippet from changelog:
http://nmap.org/changelog.html
o Integrated all of your IPv4 OS fingerprint submissions since June 2011 (about
1,900 of them)
Added about 256 new fingerprints (total 3,572)
o Integrated all of your service/version detection fingerprints submitted since
November 2010
(signature count increased to 7,423)
o Integrated your latest IPv6 OS submissions and corrections
o [NSE] Added 43(!) NSE scripts, bringing the total up to 340
o [NSE] Added 14 new protocol libraries
o [CPE] (Common Platform Enumeration) OS classification is now supported for
IPv6 OS detection
o Added a new --script-args-file option
o [NSE] Added support for decoding EIGRP broadcasts from Cisco routers to
broadcast-listener
o [NSE] Added redirect support to the http library
o Update to the latest MAC address prefix assignments from IEEE as of March 8,
2012
Test builds sponsored by redports.org
Feature safe: yes
|
|
Wednesday, 4 Jan 2012
|
16:47 ohauer
- update to 5.61TEST4
For detailed Changes see http://nmap.org/changelog.html
(List is simply to long ...)
Some highlights
* [NSE] Added a new httpspider library which is used for recursively
crawling web sites for information. New scripts using this
functionality include http-backup-finder, http-email-harvest,
http-grep, http-open-redirect, and http-unsafe-output-escaping. See
http://nmap.org/nsedoc/ or the list later in this file for details
on these.
* [NSE] Added a vulnerability management library (vulns.lua) to store and to
report discovered vulnerabilities.
* [NSE] Added a new script force feature. You can force scripts to
run against target ports (even if the "wrong" service is detected)
by placing a plus in front of the script name passed to --script.
See http://nmap.org/book/nse-usage.html#nse-script-selection.
* [NSE] Added 51(!) NSE scripts, bringing the total up to 297.
Build tests sponsored by redports.org
|
|
Tuesday, 4 Oct 2011
|
17:17 ohauer
- update to version 5.61TEST2
- add workaround for system build with WITHOUT_INET6 [1]
Thanks to Kim Scarborough for sharing the libpcap workaround
PR: ports/159376 [1]
Submitted by: Alexander Panyushkin [1]
|
|
Friday, 23 Sep 2011
|
20:29 ohauer
- update to 5.61TEST1
Here is the (partial) CHANGELOG since 5.59BETA1:
Nmap 5.61TEST1 [2011-09-19]
o The changelog entries below for this test release are not yet
finished or comprehensive. We'll update them soon.
o [Ncat] Updated ca-bundle.crt (primarily to remove DigiNotar).
o Fixed compilation on OS X 10.7 Lion. Thanks to Patrik Karlsson and
Babak Farroki for researching fixes.
o [NSE] Fixed SSL compressor names in ssl-enum-ciphers.nse, and
removed redundant multiple listings of the NULL compressor.
[Matt Selsky]
o [NSE] Added cipher strength ratings to ssl-enum-ciphers.nse.
[Gabriel Lawrence]
o Added Common Platform Enumeration (CPE, http://cpe.mitre.org/)
output for OS and service versions. These show up in normal output
with the headings "OS CPE:" and "Service Info:":
OS CPE: cpe:/o:linux:kernel:2.6.39
Service Info: OS: Linux; CPE: cpe:/o:linux:kernel
These also appear in XML output, which additionally has CPE entries
for service versions. [David, Henri]
o [NSE] Added new default credential list for Oracle and modified the
oracle-brute script to make use of it. [Patrik]
o [NSE] Added xmpp-info.nse as a replacement for xmpp.nse. This updated version
brings new features and fixes. [Vasiliy Kulikov]
o Fixed RPC scan for 64-bit architectures by using fixed-size data
types. [David]
o Relaxed the XML DTD to allow validation of files where the verbosity
level changed during the scan. [Daniel Miller]
o Made a service confidence of 8 (used when tcpwrapped) and indeed any
number between 0 and 10 be legal in XML output according to the DTD.
[Daniel Miller]
o [NSE] Added three scripts that do host discovery on local IPv6
subnets. Each of them uses a different multicast technique, meaning
that even very large networks have host discovery done without
needing to probe every address individually.
+ targets-multicast-ipv6-echo: Sends a multicast echo request, like
broadcast-ping does for IPv4.
+ targets-multicast-ipv6-invalid-dst: Sends an invalid packet that
can elicit an ICMPv6 Parameter Problem response.
+ targets-multicast-ipv6-slaac: Sends a phony router advertisement,
which causes hosts to allocate a temporary address and then send a
packet to discover if anyone else is using the address.
[Weilin, David]
o [NSE] Added functions to packet.lua to make it easier to build IPv6
packets. [Weilin]
o [NSE] Added new script http-vuln-cve2011-3192 which checks whether an instance
of Apache is vulnerable to a DoS attack exploiting the byterange filter.
[Duarte Silva].
o [NSE] Fixed authentication problems in the TNS library that would prevent
authentication from working against Oracle 11.2.0.2.0 XE [Chris Woodbury]
o Removed some restrictions on probe matching that, for example,
prevented a RST/ACK reply from being recognized in a NULL scan. This
was found and fixed by Matthew Stickney and Joe McEachern.
o Rearranged some characters classes in service matches to avoid any
that look like POSIX collating symbols ("[.xyz.]"). John Hutchison
discovered this error caused by one of the match lines:
InitMatch: illegal regexp: POSIX collating elements are not supported
[Daniel Miller]
o [NSE] Added the address-info.nse script, which shows extra information about
IP addresses.
o [NSE] Added scripts http-joomla-brute, http-wordpress-brute, http-wp-enum and
http-awstatstotal-exec. [Paulino]
o [Zenmap] Fixed zenmap deleting ports based on newer scans which did
not actually scan the port in question. Additionally ncat now only
updates ports with new information if the new information is the same
protocol. Not just the same port. [Colin Rice]
o [Ncat] Fixed ncat crashing with --ssl-verify -vvv on windows. [Colin Rice]
o [NSE] Added script http-waf-detect. This script tries to determine
if an IDS/IPS/WAF is protecting a web server. [Paulino]
o [NSE] Added the bittorrent library and bittorrent-discovery script which
enables us to discover peers and nodes for a particular torrent file or
magnet link.
o [NSE] Added basic query support to the Oracle TNS library making it possible
for scripts to query the database server using SQL. [Patrik]
o [Ncat] Added --append-output option, that when used along with -o and/or -x
prevents clobbering(truncating) an existing file. [Shinnok]
o [NSE] Added script broadcast-listener that attempts to discover hosts by
passively listening to the network. It does so by decoding ethernet and IP
broadcast and multicast messages. [Patrik]
o Fixed a bug that would make Nmap segfault if it failed to open an interface
using pcap. The bug details and patch are posted here:
http://seclists.org/nmap-dev/2011/q3/365 [Patrik]
o Ncat SCTP mode supports connection brokering now(--sctp --broker). [Shinnok]
o Nmap now defers options parsing until it has read through all the command line
arguments. You can now use options like -S with an IPv6 address before
specifying -6 at the command line, which previously got you an error.
[Shinnok]
o [NSE] Added the library xmpp.lua and the script xmpp-brute that performs
brute force password auditing against XMPP (Jabber) servers. [Patrik]
o [NSE] Fixed a bug in the ssh2-enum-algos script that would prevent it from
displaying any output unless run in debug mode. [Patrik]
o [NSE] Fixed the nsedebug print_hex() function so it does not print an
empty line if there are no remaining characters, and improved its NSEDoc.
[Chris Woodbury].
o [NSE] Added the scripts http-axis2-dir-traversal and
http-litespeed-sourcecode-download that exploits a directory traversal and
null byte poisoning vulnerabilities in Apache Axis2 and LiteSpeed Web Server
respectively. [Paulino]
o [Ncat] Ncat now no longer blocks while an ssl handshake is taking place or
waiting to complete. [Shinnok]
o [NSE] Added the script broadcast-dhcp-discover that sends a DHCP discover
message to the broadcast address and collects and reports the network
information received from the DHCP server. [Patrik]
o [NSE] Added the script smtp-brute that performs brute force password
auditing against SMTP servers. [Patrik]
o [NSE] Updated SMTP library to support authentication using both plain-text
and the SASL library. [Patrik]
o [NSE] Added the script imap-brute that performs brute force password
auditing against IMAP servers. [Patrik]
o [NSE] Updated IMAP library to support authentication using both plain-text
and the SASL library. [Patrik]
o [NSE] Added SASL library created by Djalal Harouni and Patrik Karlsson
providing common code for "Simple Authentication and Security Layer" to
services supporting it. The algorithms supported by the library are:
PLAIN, CRAM-MD5, DIGEST-MD5 and NTLM. [Patrik Karlsson, Djalal Harouni]
o [NSE] Added scripts cvs-brute.nse, cvs-brute-repository.nse and the cvs
library. The cvs-brute-repository script allows for guessing possible
repository names needed in order to perform password guessing using the
cvs-brute.nse script. [Patrik]
o [Zenmap] The Zenmap crash handler now instructs you to mail in crash
information to nmap-dev. [Colin Rice]
o Added IPv6 Neighbor Discovery ping. This is the IPv6 analog to IPv4
ARP scan. It is the default ping type for local IPv6 networks.
[Weilin]
o [NSE] Added smtp-vuln-cve2011-1764 script, which checks if the Exim
SMTP server is vulnerable to the DKIM Format String vulnerability
(CVE-2011-1764). [Djalal]
o Added the broadcast-ping script which sends icmp packets to broadcast
addresses on the selected network interface, or all ethernet interfaces if
none is selected. It has the option to add the discovered hosts as targets.
o [NSE] Applied patch from Chris Woodbury that adds the following additional
information to the output of smb-os-discovery:
+ Forest name
+ FQDN
+ NetBIOS computer name
+ NetBIOS domain name
o [Ncat] Ncat now supports IPV6 addresses by default without the -6 flag.
Additionally ncat listens on both :: and localhost when passed
-l, or any other listening mode unless a specific listening address is
supplied.
o [NSE] Split script db2-discover into two scripts, adding a new
broadcast-db2-discover script. This script attempts to discover DB2
database servers through broadcast requests. [Patrik Karlsson]
o Fixed broken XML output in the case of timed-out hosts; the
enclosing host element was missing. The fix was suggested by RĂ©mi
Mollon.
o [NSE] Added ftp-vuln-cve2010-4221 script, which checks if the ProFTPD
server is vulnerable to the Telnet IAC stack overflow vulnerability
(CVE-2010-4221). [Djalal]
o [NSE] Added ftp-vsftpd-backdoor, which detects a backdoor that was introduced
into vsftpd-2.3.4 source code distributions. [Daniel Miller]
o [NSE] ldap-brute.nse - Multiple changes:
+ Added support for 2008 R2 functional level Active Directory instances
to ldap-brute.
+ Added detection for valid credentials where the target account was
expired or limited by time or login host constraints.
+ Added support for specifying a UPN suffix to be appended to usernames
when brute forcing Microsoft Active Directory accounts.
+ Added support for saving discovered credentials to a CSV file.
+ Now reports valid credentials as they are discovered when the script
is run with -vv or higher.
[Tom Sellers]
o [NSE] ldap-search.nse - Added support for saving search results to
CSV. This is done by using the ldap.savesearch script argument to
specify an output filename prefix. [Tom Sellers]
o [NSE] Updated smb-brute to add detection for valid credentials where the
target account was expired or limited by time or login host constraints.
[Tom Sellers]
o [NSE] Updated account status text in brute force password discovery
scripts in an effort to make the reporting more consistent across
all scripts. This will have an impact on any code that parses these
values. [Tom Sellers]
|
|
Friday, 1 Jul 2011
|
13:23 ohauer
- update to version 5.59BETA1
This version includes:
o 40 new NSE scripts (plus improvements to many others)
o even more IPv6 goodness than our informal World IPv6 Day release
o 7 new NSE protocol libraries
o hundreds of bug fixes
o and much more see http://seclists.org/nmap-hackers/2011/3
|
|
Saturday, 22 Jan 2011
|
16:43 ohauer
- update nmap to version 5.36TEST4
Changelog: http://nmap.org/changelog.html
Feature safe: yes
|
|
Friday, 7 Jan 2011
|
20:51 ohauer
- update nmap to version 5.36TEST3
- remove dead mirror servers
Changelog: http://nmap.org/changelog.html
Mayjor changes are NSE script related, some highlihts:
o [NSE] Added stuxnet-detect.nse
o [NSE] Added the ftp-proftpd-backdoor.nse
and many more interesting NSE scripts.
|
|
Friday, 3 Sep 2010
|
21:16 ohauer
- update nmap to version 5.35DC1
- remove MD2 code from nse_openssl.cc (already removed in nmap svn)
- remove naming conflict if openssl-1.x is build with SCTP support
Approved by: glarkin (mentor)
|
|
Saturday, 6 Mar 2010
|
14:35 wxs
- Fix plist and bump PORTREVISION
PR: ports/144401
Submitted by: olli hauer <ohauer@gmx.de>
Approved by: Daniel Roethlisberger <daniel@roe.ch> (maintainer)
Feature safe: yes
|
|
Sunday, 31 Jan 2010
|
00:50 miwi
- Update to 5.21
PR: 143331
Submitted by: Daniel Roethlisberger <daniel@roe.ch> (maintainer)
|
|
Sunday, 5 Jul 2009
|
22:24 miwi
- Update to 4.90RC1
PR: 136295
Submitted by: Daniel Roethlisberger <daniel@roe.ch> (maintainer)
|
|
Monday, 13 Apr 2009
|
09:53 dhn
- Update to 4.85.b7
PR: ports/133547
Submitted by: Daniel Roethlisberger <daniel@roe.ch> (maintainer)
Approved by: miwi (mentor)
|
|
Wednesday, 24 Sep 2008
|
14:47 miwi
- Update to 4.76
PR: 127379
Submitted by: Daniel Roethlisberger <daniel@roe.ch> (maintainer)
|
|
Sunday, 3 Aug 2008
|
16:09 miwi
- Update to 4.68
PR: 126211
Submitted by: Daniel Roethlisberger <daniel@roe.ch> (maintainer)
|
|
Tuesday, 6 May 2008
|
13:26 miwi
- Update to 4.62
PR: 123401
Submitted by: Daniel Roethlisberger <daniel@roe.ch> (maintainer)
|
|
Monday, 14 Apr 2008
|
00:53 clsung
- Update nmap to 4.60 and fix moved MASTER_SITES.
Also fixed portlint warnings about Makefile structure.
PR: ports/122728
Submitted by: maintainer (Daniel Roethlisberge)
|
|
Friday, 14 Mar 2008
|
21:30 miwi
- Update to 4.52
PR: 119673
Submitted by: Daniel Roethlisberger <daniel@roe.ch> (maintainer)
|
|
Tuesday, 12 Dec 2006
|
20:32 miwi
- Update to 4.20
PR: ports/106567
Submitted by: Jose Fernandes<jose@diasfernandes.pt>
Approved by: maintainer
|
|
Thursday, 2 Feb 2006
|
08:13 krion
Update to 4.00
PR: ports/92684
Submitted by: krion
Approved by: maintainer
|
|
Sunday, 22 Jan 2006
|
02:50 edwin
Replace ugly "@unexec rmdir %D... 2>/dev/null || true" with @dirrmtry
Approved by: krion@
PR: ports/88711 (related)
|
|
Wednesday, 14 Dec 2005
|
08:46 barner
Update nmap and nmapfe to 3.95.
Notable upstream changes:
* new help/usage screen and man page
* new man page currently only available in en, pt_PT and pt_BR
* nmapfe is now a shiny GTK2 application
Submitted by: Daniel Roethlisberger <daniel@roe.ch> (maintainer)
PR: ports/90371
|
|
Saturday, 26 Feb 2005
|
15:39 krion
Update to version 3.81
PR: ports/77425
Submitted by: krion
Approved by: maintainer timeout
|
|
Monday, 5 Jul 2004
|
00:06 eik
update to 3.51-TEST4
|
|
Thursday, 17 Jun 2004
|
11:56 eik
- update to 3.51-TEST3
- fix bug when ranges cross interface boundaries [1]
Notified by: Alex Povolotsky <tarkhil@webmail.sub.ru>, Mike Benjamin
<mikeb@mikeb.org> [1]
|
|
Thursday, 25 Sep 2003
|
16:19 leeym
update to nmap/nmapfe version 3.46
PR: 57196
Submitted by: Oliver Eikemeier <eikemeier@fillmore-labs.com>
|
|
Tuesday, 1 Jul 2003
|
03:38 foxfair
PR: 53933
Submitted by: maintainer
1. Upgrade Nmap to 3.30, which released at Jun 29, 2003. Major enchancement is
OS fingerprints update. The fingerprint DB now contains almost 1000
fingerprints.
See ChangeLog at this link:
http://lists.insecure.org/lists/nmap-hackers/2003/Apr-Jun/0016.html
2. Renamed the patch files to be more descriptive.
|
|
Sunday, 15 Apr 2001
|
02:04 obrien
I forgot to commit this with the last upgrade.
|
Number of commits found: 52 |
As an Amazon Associate I earn from qualifying purchases.