Nmap Development mailing list archives

Service fingerprint update / fix for libssh (patch)


From: Brandon Enright via dev <dev () nmap org>
Date: Tue, 16 Oct 2018 23:38:50 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi folks,

There is a fun authentication bypass (CVE-2018-10933) for libssh out
today:
https://www.libssh.org/security/advisories/CVE-2018-10933.txt
https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix-release/

I did some scanning and noticed the fingerprint in the
nmap-service-probes file doesn't match any of the services I could find.

It seems some versions of libssh use an underscore as the separator
character for the version like so:

SF:L,16,"SSH-2\.0-libssh_0\.7\.5\r\n");

Attached is a patch that allows both an underscore and hyphen so that
the fingerprint matches more versions.

Regards,

Brandon

-----BEGIN PGP SIGNATURE-----

iF0EARECAB0WIQQsPI0+tjl0LJJzd/apoY/MCyX3ggUCW8Z2igAKCRCpoY/MCyX3
guyiAKCSdZiV+QvPQcbLvQsa4rXXs0csvACdFPV84uPbtyTHWSnb3B57fH6n7Jo=
=S9dX
-----END PGP SIGNATURE-----

Attachment: libssh_sv.diff
Description:
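An added example, not part of the original message or of Nmap's nmap-service-probes: a banner triage sketch that accepts both the underscore and hyphen separators described above and compares the parsed version with the fixed releases 0.7.6 and 0.8.4 named in the linked announcement. The function names, status labels and all sample banners other than the 0.7.5 one are constructed for illustration.

```python
import re

# SSH identification string (RFC 4253, section 4.2):
#   SSH-protoversion-softwareversion [SP comments] CR LF
BANNER_RE = re.compile(
    r"^SSH-(?P<proto>\d+\.\d+)-(?P<software>[^ \r\n]+)(?: [^\r\n]*)?\r?\n?$"
)
# "libssh" followed by either separator. "libssh2_..." is a different
# library and does not match because a separator must follow "libssh".
LIBSSH_RE = re.compile(r"^libssh[-_](?P<version>\d+(?:\.\d+){1,2})$")

# Fixed releases per branch, taken from the announcement linked in the message.
FIXED = {(0, 7): (0, 7, 6), (0, 8): (0, 8, 4)}


def libssh_version(banner):
    """Return the libssh version as a 3-tuple, or None if not a libssh banner."""
    m = BANNER_RE.match(banner)
    if not m:
        return None
    s = LIBSSH_RE.match(m.group("software"))
    if not s:
        return None
    parts = tuple(int(p) for p in s.group("version").split("."))
    return parts + (0,) * (3 - len(parts))  # pad "0.7" to (0, 7, 0)


def triage(banner):
    """Classify a banner relative to the fixed releases (hypothetical labels)."""
    v = libssh_version(banner)
    if v is None:
        return "not-libssh"
    fixed = FIXED.get(v[:2])
    if fixed is None:
        # Branch without its own fixed release in the announcement:
        # compare against the newest fixed release instead.
        fixed = max(FIXED.values())
    return "at-or-above-fix" if v >= fixed else "below-fix"


if __name__ == "__main__":
    samples = [  # constructed, except the 0.7.5 banner quoted in the message
        "SSH-2.0-libssh_0.7.5\r\n",
        "SSH-2.0-libssh-0.8.4\r\n",
        "SSH-2.0-libssh2_1.8.0\r\n",
        "SSH-2.0-OpenSSH_7.4\r\n",
    ]
    for b in samples:
        print(repr(b), libssh_version(b), triage(b))
```

A banner only reports what the server claims, so a "below-fix" result is a prompt to check the installed package, since distributions may backport the fix without changing the version string.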
