- update to version 6.00
Changelog:
Nmap 6.00
o Most important release since Nmap 5.00 in July 2009! For a list of
the most significant improvements and new features, see the announcement at: http://nmap.org/6
o In XML output, <osclass> elements are now child elements of the
<osmatch> they belong to. Old output was thus: <os><osclass/><osclass/>...<osmatch/><osmatch/>...</os> New output is: <os><osmatch><osclass/><osclass/>...</osmatch>...</os> The option --deprecated-xml-osclass restores the old output, in case you use an Nmap XML parser that doesn't understand the new structure. The xmloutputversion has been increased to 1.04.
o Added a new <target> element to XML output that indicates when a
target specification was ignored, perhaps because of a syntax error or DNS failure. It looks like this: <target specification="1.2.3.4.5" status="skipped" reason="invalid"/> [David Fifield]
o [NSE] Added the script samba-vuln-cve-2012-1182 which detects the
SAMBA pre-auth remote root vulnerability (CVE-2012-1182). [Aleksandar Nikolic]
o [NSE] Added http-vuln-cve2012-1823.nse, which checks for PHP CGI
installations with a remote code execution vulnerability. [Paulino Calderon]
o [NSE] Added script targets-ipv6-mld that sends a malformed ICMP6 MLD Query
to discover IPv6 enabled hosts on the LAN. [Niteesh Kumar]
o [NSE] Added rdp-vuln-ms12-020.nse by Aleksandar Nikolic. This tests
for two Remote Desktop vulnerabilities, including one allowing remote code execution, that were fixed in the MS12-020 advisory.
o [NSE] Added a stun library and the scripts stun-version and stun-info, which
extract version information and the external NAT:ed address. [Patrik Karlsson]
o [NSE] Added the script duplicates which attempts to determine duplicate
hosts by analyzing information collected by other scripts. [Patrik Karlsson]
o Fixed the routing table loop on OS X so that on-link routes appear.
Previously, they were ignored so that things like ARP scan didn't work. [Patrik Karlsson, David Fifield]
o Upgraded included libpcap to version 1.2.1.
o [NSE] Added ciphers from RFC 5932 and Fortezza-based ciphers to
ssl-enum-ciphers.nse. The patch was submitted by Darren McDonald.
o [NSE] Renamed hostmap.nse to hostmap-bfk.nse.
o Fixed a compilation problem on Solaris 9 caused by a missing
definition of IPV6_V6ONLY. Reported by Dagobert Michelsen.
o Setting --min-parallelism by itself no longer forces the maximum
parallelism to the same value. [Chris Woodbury, David Fifield]
o Changed XML output to show the "service" element whenever a tunnel
is discovered for a port, even if the service behind it was unknown. [Matt Foster]
o [Zenmap] Fixed a crash that would happen in the profile editor when
the script.db file doesn't exist. The bug was reported by Daniel Miller.
o [Zenmap] It is now possible to compare scans having the same name or
command line parameters. [Jah, David Fifield]
o Fixed an error that could occur with ICMPv6 probes and -d4 debugging:
"Unexpected probespec2ascii type encountered" [David Fifield]
o [NSE] Added new script http-chrono, which measures min, max and average
response times of web servers. [Ange Gutek]
o Applied a workaround to make pcap captures work better on Solaris
- This involves peeking at the pcap buffer to ensure that captures are not being lost. A symptom of the previous behavior was that, when doing ARP host discovery against two targets, only one would be reported as up. [David Fifield]
o Fixed a bug that could cause Nsock timers to fire too early. This
could happen for the timed probes in IPv6 OS detection, causing an incorrect measurement of the TCP_ISR feature. [David Fifield]
o [Zenmap] We now build on Windows with a newer version of PyGTK, so
copy and paste should work again.
o Changed the way timeout calculations are made in the IPv6 OS engine.
In rare cases a certain interleaving of probes and responses would result in an assertion failure.