Nmap Development mailing list archives
Re: Conficker scanning with nmap
From: Lionel Cons <lionel.cons () cern ch>
Date: Wed, 1 Apr 2009 10:54:07 +0200
Brandon Enright writes:
I've never been able to reproduce the problem myself and I've tested against a *lot* of machines/devices so either the version of OpenSSL I'm running doesn't have the same assert() or the error condition to trigger data_len = 0 is somewhat involved.
Indeed, it seems it got fixed at some point last year: http://cvs.openssl.org/filediff?f=openssl/crypto/evp/evp_enc.c&v1=1.45&v2=1.46 However, Nmap should probably be backward compatible and workaround this "feature" of older OpenSSL releases... Cheers, Lionel _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Re: Conficker scanning with nmap Lionel Cons (Apr 01)
- Re: Conficker scanning with nmap Brandon Enright (Apr 01)
- Re: Conficker scanning with nmap Lionel Cons (Apr 01)
- Re: Conficker scanning with nmap David Fifield (Apr 01)
- Re: Conficker scanning with nmap Ron (Apr 01)
- Re: Conficker scanning with nmap David Fifield (Apr 01)
- Re: Conficker scanning with nmap Lionel Cons (Apr 02)
- Re: Conficker scanning with nmap Ron (Apr 02)
- Re: Conficker scanning with nmap Brandon Enright (Apr 01)