Nmap Development mailing list archives
Service fingerprint update / fix for libssh (patch)
From: Brandon Enright via dev <dev () nmap org>
Date: Tue, 16 Oct 2018 23:38:50 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi folks,

There is a fun authentication bypass (CVE-2018-10933) for libssh out today:

https://www.libssh.org/security/advisories/CVE-2018-10933.txt
https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix-release/

I did some scanning and noticed the fingerprint in the nmap-service-probes file doesn't match any of the services I could find. It seems some versions of libssh use an underscore as the separator character for the version like so:

SF:L,16,"SSH-2\.0-libssh_0\.7\.5\r\n");

Attached is a patch that allows both an underscore and hyphen so that the fingerprint matches more versions.

Regards,

Brandon

-----BEGIN PGP SIGNATURE-----

iF0EARECAB0WIQQsPI0+tjl0LJJzd/apoY/MCyX3ggUCW8Z2igAKCRCpoY/MCyX3
guyiAKCSdZiV+QvPQcbLvQsa4rXXs0csvACdFPV84uPbtyTHWSnb3B57fH6n7Jo=
=S9dX
-----END PGP SIGNATURE-----
Attachment: libssh_sv.diff
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
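The separator mismatch described in the message above, as an added example for asset triage; it is not the attached patch and not Nmap's own match line. Both regexes, the helper names and all sample banners except the libssh_0.7.5 one are assumptions made for illustration.

```python
import re

# Hyphen-only separator: an assumed stand-in for the older fingerprint,
# which the post says missed banners such as "SSH-2.0-libssh_0.7.5".
STRICT = re.compile(r"^SSH-2\.0-libssh-(\d+(?:\.\d+)*)\r?\n")
# Relaxed form described in the post: accept "-" or "_" before the version.
RELAXED = re.compile(r"^SSH-2\.0-libssh[-_](\d+(?:\.\d+)*)\r?\n")

# Fixed releases named in the release announcement linked from the post.
FIXED = {(0, 7): (0, 7, 6), (0, 8): (0, 8, 4)}


def parse_version(banner, pattern=RELAXED):
    """Return the libssh version as a tuple of ints, or None if no match."""
    m = pattern.match(banner)
    return tuple(int(p) for p in m.group(1).split(".")) if m else None


def predates_fix(version):
    """True/False on the 0.7/0.8 branches, None for any other branch."""
    fixed = FIXED.get(version[:2])
    if fixed is None:
        return None
    # Pad so that "0.8" compares as 0.8.0.
    padded = version + (0,) * (3 - len(version))
    return padded < fixed


def triage(banners):
    """Map each banner to (strict_match, version, predates_fix)."""
    out = {}
    for b in banners:
        v = parse_version(b)
        out[b] = (bool(STRICT.match(b)), v, predates_fix(v) if v else None)
    return out


# Constructed sample banners; only the first comes from the post.
SAMPLES = [
    "SSH-2.0-libssh_0.7.5\r\n",
    "SSH-2.0-libssh-0.8.4\r\n",
    "SSH-2.0-libssh_0.6.3\r\n",
    "SSH-2.0-OpenSSH_7.4\r\n",
    "SSH-2.0-libssh2_1.8.0\r\n",   # libssh2 is a different library
]

if __name__ == "__main__":
    for banner, result in triage(SAMPLES).items():
        print(repr(banner), result)
```

A `None` in the third field means the banner's branch is not covered by the two fixed releases named in the linked announcement, so the advisory itself has to be consulted for that host.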
Current thread:
- Service fingerprint update / fix for libssh (patch) Brandon Enright via dev (Oct 17)
- Re: Service fingerprint update / fix for libssh (patch) David Fifield (Oct 18)
- Re: Service fingerprint update / fix for libssh (patch) Fyodor (Oct 23)