Hello community, here is the log from the commit of package nmap.2083 for openSUSE:12.2:Update checked in at 2013-10-25 22:55:40 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.2:Update/nmap.2083 (Old) and /work/SRC/openSUSE:12.2:Update/.nmap.2083.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "nmap.2083" Changes: -------- New Changes file: --- /dev/null 2013-10-11 12:16:15.204037506 +0200 +++ /work/SRC/openSUSE:12.2:Update/.nmap.2083.new/nmap.changes 2013-10-25 22:55:42.000000000 +0200 
@@ -0,0 +1,466 @@
+-------------------------------------------------------------------
+Mon Oct 14 14:16:40 UTC 2013 - [email protected]
+
+- fix bnc#844953 CVE-2013-4885 (nmap-CVE-2013-4885.patch)
+- There was a vulnerability in one of our 437 NSE scripts. If
+ you ran the (fortunately non-default) http-domino-enum-passwords script
+ with the (fortunately also non-default) domino-enum-passwords.idpath
+ parameter against a malicious server, it could cause an arbitrarily named
+ file to to be written to the client system.
+
+
+-------------------------------------------------------------------
+Sat Jun 23 08:56:35 UTC 2012 - [email protected]
+
+- update to upstream 6.0.1
+ * fix a zenmap a crash that happened when activating the host filter.
+ * fix finding network interfaces if one of them is in monitor mode
+ * fixx greppable output of hosts that time-out
+
+-------------------------------------------------------------------
+Mon May 21 20:27:08 UTC 2012 - [email protected]
+
+- update to upstream 6.00
+ * enhanced Nmap Scripting Engine
+ * Better Web Scanning
+ * Full IPv6 Support
+ * New NPing Tool
+ * Better Zenmap GUI & results viewer
+ * Faster scans
+ * for a full list of changes see http://nmap.org/6/#changes and
+ http://nmap.org/changelog.html
+- refresh nmap-4.00-libpcap-filter.diff
+
+-------------------------------------------------------------------
+Tue Mar 27 21:36:17 UTC 2012 - [email protected]
+
+- as nmap is built with the inluded and stripped nmap-libdnet-1.12,
+ remove system libdnet as build requirement
+
+-------------------------------------------------------------------
+Mon Mar 26 21:22:40 UTC 2012 - [email protected]
+
+- Update to nmap-5.61TEST5
+- refresh nmap-4.00-libpcap-filter.diff for moved source lines
+- refresh nmap-4.00-noreturn.diff for moved source lines
+- refresh nmap-4.75-nostrip.patch for moved source lines
+- update nmap-5.00-desktop_files.patch
+ to nmap-5.61-desktop_files.patch for change source
+- update 
su-to-zenmap.patch for moved source lines
+
+-------------------------------------------------------------------
+Mon Mar 26 19:16:15 UTC 2012 - [email protected]
+
+- Conditionally change lua-devel BuildRequires to lua51-devel on
+ openSUSE > 12.1. The code is not yet ready for lua 5.2.
+
+-------------------------------------------------------------------
+Sat Oct 22 17:43:10 UTC 2011 - [email protected]
+
+- Fixed a run Zenmap as sudo in KDE and GNOME
+
+-------------------------------------------------------------------
+Mon Oct 17 02:38:28 UTC 2011 - [email protected]
+
+- Update to nmap 5.61-xxx branch, changelog too long, see NEWS
+ for details.
+- Add a new subpackage "nping"
+- drop no-md2.patch already in upstream.
+
+-------------------------------------------------------------------
+Wed Dec 1 15:47:07 UTC 2010 - [email protected]
+
+- add nmap-5.21-gnomesu.patch (fixed bnc#613847)
+
+-------------------------------------------------------------------
+Sat Oct 30 04:44:07 UTC 2010 - [email protected]
+
+- spec file clean up to build on SLE and openSUSE < 11.3
+
+-------------------------------------------------------------------
+Fri Aug 27 13:53:19 CEST 2010 - [email protected]
+
+- update to 5.21
+ * Dramatically improved the version detection database, integrating
+ 2,596 submissions that users contributed since February 3, 2009!
+ * bugfixes
+
+-------------------------------------------------------------------
+Mon Apr 19 09:01:38 CEST 2010 - [email protected]
+
+- disable md2 in the scripting language (no longer supplied
+ by default openssl)
+
+-------------------------------------------------------------------
+Fri Oct 9 14:09:25 CEST 2009 - [email protected]
+
+- fixed bnc#528581
+
+-------------------------------------------------------------------
+Wed Aug 12 17:38:39 CEST 2009 - [email protected]
+
+- Pascal updated to 5.00 with way too many changes to list them,
+ see /usr/share/doc/packages/nmap/CHANGELOG
+- introduce ncat and ndiff packages providing tools for nmap scans
+
+-------------------------------------------------------------------
+Sun Aug 9 12:43:26 CEST 2009 - [email protected]
+
+- use new python macros
+
+-------------------------------------------------------------------
+Tue Jun 23 14:46:57 CEST 2009 - [email protected]
+
+- remove strip so we have debuginfos
+
+-------------------------------------------------------------------
+Thu Sep 11 16:25:06 CEST 2008 - [email protected]
+
+- Update to 4.75
+ * [Zenmap] Added a new Scan Topology system.
+ * [Zenmap] Another exciting new Zenmap feature is Scan
+ Aggregation.
+ * [Zenmap] Added a context-sensitive help system to the Profile
+ Editor.
+ * Expanded nmap-services to include information on how frequently
+ each port number is found open.
+ * Nmap now scans the most common 1,000 ports by default in either
+ protocol (UDP scan is still optional).
+ * Nmap fast scan (-F) now scans the top 100 ports by default in
+ either protocol.
+ * The --top-ports option lets you specify the number of ports you
+ wish to scan in each protocol, and will pick the most popular
+ ports for you based on the new frequency data.
+ * integrated all of the OS detection fingerprint and correction
+ submissions
+- rename nmap-gtk subpackage to zenmap
+
+-------------------------------------------------------------------
+Mon Sep 8 14:45:59 CEST 2008 - [email protected]
+
+- update to version 4.68
+ * Too many changes to list, see http://nmap.org/changelog.html
+
+-------------------------------------------------------------------
+Thu Apr 3 07:11:03 CEST 2008 - [email protected]
+
+- update to version 4.60 tons of bugfixes, see http://nmap.org/changelog.html
+- Wrong files for package nmap in openSUSE:Factory [BNC #369021]
+- We have to buildrequire lua-devel, otherwise bundled is used
+
+-------------------------------------------------------------------
+Sun Mar 2 12:08:30 CET 2008 - [email protected]
+
+- fix packaging issues
+
+-------------------------------------------------------------------
+Mon Jan 21 15:20:49 CET 2008 - [email protected]
+
+- update to version 4.53 which
+ o Added UPnP-info NSE script. It gathers information from the
+ UPnP service (UDP port 1900) which listens on many network
+ devices such as routers, printers, and networked media players.
+ o Fix a lot of Bugs
+ o The Nmap Scripting Engine (NSE) now supports run-time interaction
+ and the Nmap --host-timeout option.
+ +------------------------------------------------------------------- +Thu Jul 26 16:55:50 CEST 2007 - [email protected] + +- changed libpcap to libpcap-devel in BuildRequires + +------------------------------------------------------------------- +Mon Apr 30 16:56:36 CEST 2007 - [email protected] + +- change last patch to build + +------------------------------------------------------------------- +Thu Apr 19 08:23:48 CEST 2007 - [email protected] + +- fix build bug + +------------------------------------------------------------------- +Thu Feb 22 11:43:41 CET 2007 - [email protected] + +- update to version 4.20 which + o Integrated the latest OS fingerprint submissions + o Fix Bugs + +------------------------------------------------------------------- +Mon Jan 8 00:11:17 CET 2007 - [email protected] + +- GNOME moved to /usr + +------------------------------------------------------------------- +Thu Oct 26 03:43:23 CEST 2006 - [email protected] + +- build against system provided libdnet ++++ 269 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:12.2:Update/.nmap.2083.new/nmap.changes New: ---- nmap-4.00-noreturn.diff nmap-4.75-nostrip.patch nmap-5.61-desktop_files.patch nmap-6.00-libpcap-filter.diff nmap-6.01.tar.bz2 nmap-CVE-2013-4885.patch nmap.changes nmap.spec su-to-zenmap.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ nmap.spec ++++++ # # spec file for package nmap # # Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). 
An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # %{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())")} %{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib(1))")} Name: nmap BuildRequires: gcc-c++ BuildRequires: gtk2-devel BuildRequires: libpcap-devel %if 0%{?suse_version} > 1210 BuildRequires: lua51-devel %else BuildRequires: lua-devel %endif BuildRequires: dos2unix BuildRequires: fdupes BuildRequires: openssl-devel BuildRequires: pcre-devel BuildRequires: python-devel BuildRequires: update-desktop-files Url: http://www.insecure.org/nmap/ Version: 6.01 Release: 0 Summary: Portscanner License: GPL-2.0+ Group: Productivity/Networking/Diagnostic BuildRoot: %{_tmppath}/%{name}-%{version}-build Source: nmap-%{version}.tar.bz2 Patch: nmap-6.00-libpcap-filter.diff Patch1: nmap-4.00-noreturn.diff Patch2: nmap-5.61-desktop_files.patch Patch3: nmap-4.75-nostrip.patch Patch5: su-to-zenmap.patch #PATCH-FIX-UPSTREAM-BNC#844953-CVE-2013-4885 Patch6: nmap-CVE-2013-4885.patch %description Nmap is designed to allow system administrators and curious individuals to scan large networks to determine which hosts are up and what services they are offering. XNmap is a graphical front-end that shows nmap's output clearly. 
Find documentation in %{_docdir}/%{name} Authors: -------- Fyodor <[email protected]> %package -n zenmap Summary: A Graphical Front-End for Nmap Group: Productivity/Networking/Diagnostic Requires: %name = %version Obsoletes: %name-gtk Provides: %name-gtk = %{version}-%{release} %py_requires %description -n zenmap zenmap is a graphical front-end for the nmap network scanner Authors: -------- Fyodor <[email protected]> %package -n ncat Summary: Network Tool to concatenate and redirect Sockets Group: Productivity/Networking/Diagnostic %description -n ncat Ncat is a feature-packed networking utility which will read and write data across a network from the command line. Ncat was written for the Nmap Project and is the culmination of the currently splintered family of Netcat incarnations. It uses both TCP and UDP for communication and is designed to be a reliable back-end tool to instantly provide network connectivity to other applications and users. Ncat will not only work with IPv4 and IPv6 but provides the user with a virtually limitless number of potential uses. Among Ncat´s vast number of features there is the ability to chain Ncats together, redirect both TCP and UDP ports to other sites, SSL support, and proxy connections via SOCKS4 or HTTP (CONNECT method) proxies (with optional proxy authentication as well). Some general principles apply to most applications and thus give you the capability of instantly adding networking support to software that would normally never support it. Authors: -------- Fyodor <[email protected]> %package -n ndiff Summary: Compare Results of Nmap Scans Group: Productivity/Networking/Diagnostic %py_requires %description -n ndiff Ndiff is a tool to aid in the comparison of Nmap scans. It takes two Nmap XML output files and prints the differences between them: hosts coming up and down, ports becoming open or closed, etc. 
Authors: -------- Fyodor <[email protected]> %package -n nping Summary: Compare Results of Nmap Scans Group: Productivity/Networking/Diagnostic %description -n nping Network packet generation tool / ping utility Authors: -------- Fyodor <[email protected]> %prep %setup -q %patch -p0 %patch1 -p0 %patch2 -p0 %patch3 -p0 %patch5 -p0 %patch6 #fix locale dir mv zenmap/share/zenmap/locale zenmap/share sed -i -e "s|^locale_dir =.*$|locale_dir = os.path.join('share','locale')|" \ -e 's|join(self.install_data, data_dir)|join(self.install_data, "share")|' zenmap/setup.py sed -i 's|^LOCALE_DIR = .*|LOCALE_DIR = join(prefix, "share", "locale")|' zenmap/zenmapCore/Paths.py #fix jp/ja pt_PT/pt zh/zh_CN locale sed -i '/ALL_LINGUAS =/s/jp/ja/' Makefile.in sed -i '/ALL_LINGUAS =/s/pt_PT/pt/' Makefile.in sed -i '/ALL_LINGUAS =/s/zh/zh_CN/' Makefile.in mv docs/man-xlate/nmap-jp.1 docs/man-xlate/nmap-ja.1 mv docs/man-xlate/nmap-pt_PT.1 docs/man-xlate/nmap-pt.1 mv docs/man-xlate/nmap-zh.1 docs/man-xlate/nmap-zh_CN.1 %build export CFLAGS="%optflags -DOPENSSL_LOAD_CONF" export CXXFLAGS="%optflags -DOPENSSL_LOAD_CONF" %configure --with-libpcap=%{_usr} \ --with-libdnet=included \ --with-libpcre=%{_usr} %__make %{?jobs:-j%jobs} %install %__make DESTDIR="%{buildroot}" deskdir="%{_datadir}/gnome/apps/Utilities/" install %__rm "%{buildroot}%{_bindir}/uninstall_zenmap" %__install -d "%{buildroot}/usr/share/pixmaps/" %__ln_s ../zenmap/pixmaps/zenmap.png "%{buildroot}/usr/share/pixmaps/zenmap.png" %suse_update_desktop_file zenmap System Network %suse_update_desktop_file zenmap-root System Network %find_lang zenmap touch -r %{buildroot}/%{python_sitelib}/zenmapCore/Paths.py %{buildroot}/%{python_sitelib}/zenmapCore/Paths.pyc dos2unix %{buildroot}%{_datadir}/%{name}/nselib/data/oracle-sids %fdupes -s %{buildroot} %clean %__rm -rf "%{buildroot}" %files %defattr(-,root,root) %doc COPYING* CHANGELOG HACKING %doc docs/README %doc docs/nmap.usage.txt %dir %{_mandir}/hr %dir %{_mandir}/hr/man1 %dir 
%{_mandir}/hu %dir %{_mandir}/hu/man1 %dir %{_mandir}/pl %dir %{_mandir}/pl/man1 %dir %{_mandir}/pt %dir %{_mandir}/pt/man1 %dir %{_mandir}/ro %dir %{_mandir}/ro/man1 %dir %{_mandir}/ru %dir %{_mandir}/ru/man1 %dir %{_mandir}/sk %dir %{_mandir}/sk/man1 %dir %{_mandir}/zh_CN %dir %{_mandir}/zh_CN/man1 %{_mandir}/man1/nmap.1.gz %{_mandir}/*/man1/* %{_bindir}/nmap %{_datadir}/nmap %files -n zenmap -f zenmap.lang %defattr(-,root,root) %{_bindir}/xnmap %{_bindir}/zenmap %{_bindir}/nmapfe %{python_sitelib}/zenmap-%{version}-py%{py_ver}.egg-info %{python_sitelib}/zenmapCore %{python_sitelib}/zenmapGUI %{python_sitelib}/radialnet %{_datadir}/applications/zenmap-root.desktop %{_datadir}/applications/zenmap.desktop %{_datadir}/pixmaps/zenmap.png %{_datadir}/zenmap %{_mandir}/man1/zenmap.1.gz %files -n ncat %defattr(-,root,root) %{_bindir}/ncat %{_mandir}/man1/ncat.1.gz %dir %{_datadir}/ncat %config(noreplace) %{_datadir}/ncat/ca-bundle.crt %files -n ndiff %defattr(-,root,root) %{_bindir}/ndiff %{_mandir}/man1/ndiff.1.gz %files -n nping %defattr(-,root,root) %{_bindir}/nping %{_mandir}/man1/nping.1.gz %changelog ++++++ nmap-4.00-noreturn.diff ++++++ Index: libpcap/gencode.c =================================================================== --- libpcap/gencode.c.orig 2010-04-21 05:39:45.000000000 +0100 +++ libpcap/gencode.c 2012-03-26 22:12:26.000000000 +0100 @@ -129,7 +129,7 @@ static int pcap_fddipad; #endif /* VARARGS */ -void +void __attribute__((__noreturn__)) bpf_error(const char *fmt, ...) { va_list ap; ++++++ nmap-4.75-nostrip.patch ++++++ Index: Makefile.in =================================================================== --- Makefile.in.orig 2011-12-21 00:00:05.000000000 +0000 +++ Makefile.in 2012-03-26 22:20:22.000000000 +0100 
@@ -252,9 +252,6 @@ my_distclean: install-nmap: $(TARGET) $(INSTALL) -d $(DESTDIR)$(bindir) $(DESTDIR)$(mandir)/man1 $(DESTDIR)$(nmapdatadir) $(INSTALL) -c -m 755 nmap $(DESTDIR)$(bindir)/nmap -# Use strip -x to avoid stripping dynamically loaded NSE functions. See -# http://seclists.org/nmap-dev/2007/q4/0272.html. - $(STRIP) -x $(DESTDIR)$(bindir)/nmap $(INSTALL) -c -m 644 docs/$(TARGET).1 $(DESTDIR)$(mandir)/man1/ if [ "$(USE_NLS)" = "yes" ]; then \ for ll in $(filter $(ALL_LINGUAS),$(LINGUAS)); do \ ++++++ nmap-5.61-desktop_files.patch ++++++ Index: zenmap/install_scripts/unix/zenmap-root.desktop =================================================================== --- zenmap/install_scripts/unix/zenmap-root.desktop.orig 2011-12-12 09:05:48.000000000 +0000 +++ zenmap/install_scripts/unix/zenmap-root.desktop 2012-03-26 22:19:14.000000000 +0100 @@ -1,11 +1,11 @@ [Desktop Entry] Encoding=UTF-8 Name=Zenmap (as root) -GenericName=GUI Port Scanner +GenericName=Port Scanner +Comment=A Graphical Interface for the Nmap Security Scanner TryExec=su-to-zenmap.sh Exec=su-to-zenmap.sh %F Terminal=false Icon=zenmap Type=Application -Categories=Application;Network;Security; -Comment=A cross-platform GUI for the Nmap Security Scanner. +Categories=Application;Network;System;Security;GTK Index: zenmap/install_scripts/unix/zenmap.desktop =================================================================== --- zenmap/install_scripts/unix/zenmap.desktop.orig 2011-12-12 09:05:48.000000000 +0000 +++ zenmap/install_scripts/unix/zenmap.desktop 2012-03-26 22:20:02.000000000 +0100 
@@ -1,11 +1,11 @@ [Desktop Entry] Encoding=UTF-8 Name=Zenmap -GenericName=GUI Port Scanner +GenericName=Port Scanner +Comment=A Graphical Interface for the Nmap Security Scanner TryExec=zenmap Exec=zenmap %F Terminal=false Icon=zenmap Type=Application -Categories=Application;Network;Security; -Comment=A cross-platform GUI for the Nmap Security Scanner. +Categories=Application;Network;System;Security;GTK ++++++ nmap-6.00-libpcap-filter.diff ++++++ Index: libpcap/pcap-bpf.c =================================================================== --- libpcap/pcap-bpf.c.orig 2012-04-10 04:37:22.000000000 +0100 +++ libpcap/pcap-bpf.c 2012-05-21 21:25:27.000000000 +0100 @@ -483,7 +483,7 @@ bpf_open(pcap_t *p) fd = open(device, O_RDWR); if (fd == -1 && errno == EACCES) fd = open(device, O_RDONLY); - } while (fd < 0 && errno == EBUSY); + } while (fd < 0 && errno == EBUSY && n < 1000); /* * XXX better message for all minors used Index: libpcap/pcap-linux.c =================================================================== --- libpcap/pcap-linux.c.orig 2012-04-10 04:37:22.000000000 +0100 +++ libpcap/pcap-linux.c 2012-05-21 21:25:27.000000000 +0100 
@@ -2424,8 +2424,30 @@ pcap_setfilter_linux_common(pcap_t *hand if (can_filter_in_kernel) { if ((err = set_kernel_filter(handle, &fcode)) == 0) { + char buf[1024]; + int oldflags; + int ret; + unsigned int received = 0, rec_len = 0; + socklen_t optlen = sizeof(rec_len); /* Installation succeded - using kernel filter. */ handle->md.use_bpf = 1; + + oldflags = fcntl(handle->fd, F_GETFL, 0); + oldflags |= O_NONBLOCK; + fcntl(handle->fd, F_SETFL, oldflags); + getsockopt(handle->fd, SOL_SOCKET, SO_RCVBUF, + (char *)&rec_len, &optlen); + + /* now read all packets received until now */ + while((ret = read(handle->fd, buf, 1024)) > 0 + && received < rec_len) { + received += ret; + } + + if(oldflags > 0) { + oldflags &= ~O_NONBLOCK; + fcntl(handle->fd, F_SETFL, oldflags); + } } else if (err == -1) /* Non-fatal error */ { ++++++ nmap-CVE-2013-4885.patch ++++++ Index: scripts/http-domino-enum-passwords.nse =================================================================== --- scripts/http-domino-enum-passwords.nse.orig +++ scripts/http-domino-enum-passwords.nse 
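Review bot: The drain block added after `set_kernel_filter()` in pcap_setfilter_linux_common does not preserve the socket's original mode: O_NONBLOCK is OR-ed into `oldflags` before the restore, so `oldflags &= ~O_NONBLOCK` clears the flag even when the handle was already non-blocking. The return values of both `fcntl()` calls and of `getsockopt()` are ignored; if F_GETFL fails, -1 is handed to F_SETFL as the flag word, and if `getsockopt()` fails `rec_len` stays 0. The loop also tests `received < rec_len` only after `read()` has already consumed another packet. A version that keeps the original flags and checks each call is sketched below; the function continues outside the hunk.

```c
/* … unchanged: declarations, handle->md.use_bpf = 1 … */
oldflags = fcntl(handle->fd, F_GETFL, 0);
if (oldflags != -1 &&
    fcntl(handle->fd, F_SETFL, oldflags | O_NONBLOCK) != -1) {
	if (getsockopt(handle->fd, SOL_SOCKET, SO_RCVBUF,
	    (char *)&rec_len, &optlen) == -1)
		rec_len = 0;

	/* now read all packets received until now */
	while (received < rec_len &&
	    (ret = read(handle->fd, buf, sizeof(buf))) > 0)
		received += ret;

	/* put back exactly the mode the caller had */
	fcntl(handle->fd, F_SETFL, oldflags);
}
```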
@@ -308,9 +308,10 @@ action = function(host, port) http_response = http.get( vhost or host, port, u_details.idfile, { auth = { username = user, password = pass }, no_cache = true }) if ( http_response.status == 200 ) then - local status, err = saveIDFile( ("%s/%s.id"):format(download_path, u_details.fullname), http_response.body ) + local filename = download_path .. "/" .. stdnse.filename_escape(u_details.fullname .. ".id") + local status, err = saveIDFile( filename, http_response.body ) if ( status ) then - table.insert( id_files, ("%s ID File has been downloaded (%s/%s.id)"):format(u_details.fullname, download_path, u_details.fullname) ) + table.insert( id_files, ("%s ID File has been downloaded (%s)"):format(u_details.fullname, filename) ) else table.insert( id_files, ("%s ID File was not saved (error: %s)"):format(u_details.fullname, err ) ) end Index: scripts/stuxnet-detect.nse =================================================================== --- scripts/stuxnet-detect.nse.orig +++ scripts/stuxnet-detect.nse @@ -78,7 +78,7 @@ local function check_infected(host, path fmt = save:gsub("%%h", host.ip) fmt = fmt:gsub("%%v", version) - file = io.open(fmt, "w") + file = io.open(stdnse.filename_escape(fmt), "w") if file then stdnse.print_debug(1, "Wrote %d bytes to file %s.", #result.arguments, fmt) file:write(result.arguments) Index: scripts/http-config-backup.nse =================================================================== --- scripts/http-config-backup.nse.orig +++ scripts/http-config-backup.nse 
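Review bot: In the stuxnet-detect.nse hunk the file is opened under `stdnse.filename_escape(fmt)`, but the debug line that follows still prints the unescaped `fmt`, so the log can name a path that was never written. Because the escape is applied to the whole expanded `save` string, any directory separator in it is escaped too (`/` becomes `%2f` under the pattern added to stdnse.lua), which looks like a behaviour change for anyone passing a directory and deserves a line in the script's argument documentation. Binding the name once, `local outname = stdnse.filename_escape(fmt)`, and using `outname` in both `io.open(outname, "w")` and the `stdnse.print_debug` call keeps the two in step. check_infected starts and ends outside the hunk.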
@@ -203,7 +203,7 @@ action = function (host, port) if (response.status == 200) then -- check it if is valid before inserting if cfg.check(response.body) then - local filename = ((host.targetname or host.ip) .. url_path):gsub("/", "-"); + local filename = stdnse.escape_filename((host.targetname or host.ip) .. url_path) -- save the content if save then Index: scripts/hostmap-bfk.nse =================================================================== --- scripts/hostmap-bfk.nse.orig +++ scripts/hostmap-bfk.nse @@ -47,7 +47,7 @@ require "target" local HOSTMAP_SERVER = "www.bfk.de" -local filename_escape, write_file +local write_file hostrule = function(host) return not ipOps.isPrivate(host.ip) @@ -89,7 +89,7 @@ action = function(host) local filename_prefix = stdnse.get_script_args("hostmap-bfk.prefix") if filename_prefix then - local filename = filename_prefix .. filename_escape(host.targetname or host.ip) + local filename = filename_prefix .. stdnse.filename_escape(host.targetname or host.ip) local status, err = write_file(filename, hostnames_str .. "\n") if status then output_str = string.format("Saved to %s\n", filename) @@ -104,13 +104,6 @@ action = function(host) return output_str end --- Escape some potentially unsafe characters in a string meant to be a filename. -function filename_escape(s) - return string.gsub(s, "[%z/=]", function(c) - return string.format("=%02X", string.byte(c)) - end) -end - function write_file(filename, contents) local f, err = io.open(filename, "w") if not f then Index: scripts/domino-enum-users.nse =================================================================== --- scripts/domino-enum-users.nse.orig +++ scripts/domino-enum-users.nse 
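Review bot: The replacement line in http-config-backup.nse calls `stdnse.escape_filename`, but the helper this patch adds to nselib/stdnse.lua is named `filename_escape`, and every other script touched here uses that name. Unless an `escape_filename` exists elsewhere in stdnse (not visible in this patch), this is a call on a nil field and the script aborts at the point where it should build the save name, so the hardening never takes effect for this script. The line should read `local filename = stdnse.filename_escape((host.targetname or host.ip) .. url_path)`. The action function continues outside the hunk.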
@@ -99,7 +99,7 @@ action = function(host, port) helper:disconnect() if ( status and data and path ) then - local filename = ("%s/%s.id"):format(path, username ) + local filename = path .. "/" .. stdnse.filename_escape(u_details.fullname .. ".id") local status, err = saveIDFile( filename, data ) if ( status ) then Index: scripts/ms-sql-dump-hashes.nse =================================================================== --- scripts/ms-sql-dump-hashes.nse.orig +++ scripts/ms-sql-dump-hashes.nse @@ -116,7 +116,7 @@ action = function( host, port ) local filename if ( dir ) then local instance = instance:GetName():match("%\\+(.+)$") or instance:GetName() - filename = ("%s/%s_%s_ms-sql_hashes.txt"):format(dir, host.ip, instance) + filename = dir .. "/" .. stdnse.filename_escape(("%s_%s_ms-sql_hashes.txt"):format(host.ip, instance)) saveToFile(filename, instanceOutput[1]) end end Index: scripts/snmp-ios-config.nse =================================================================== --- scripts/snmp-ios-config.nse.orig +++ scripts/snmp-ios-config.nse @@ -178,7 +178,7 @@ action = function(host, port) result = ( infile and infile:getContent() ) if ( tftproot ) then - local fname = tftproot .. host.ip .. "-config" + local fname = tftproot .. stdnse.filename_escape(host.ip .. "-config") local file, err = io.open(fname, "w") if ( file ) then file:write(result) Index: nselib/stdnse.lua =================================================================== --- nselib/stdnse.lua.orig +++ nselib/stdnse.lua 
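Review bot: The new filename line in domino-enum-users.nse builds the name from `u_details.fullname`, while the line it replaces used `username` and nothing in this hunk defines `u_details`; the expression is identical to the one in the http-domino-enum-passwords.nse hunk and looks copied from there. If `u_details` is not in scope in this script, indexing it raises an error and no ID file is saved. Keeping the original variable, `local filename = path .. "/" .. stdnse.filename_escape(username .. ".id")`, gives the same escaping without the new dependency. The action function starts and ends outside the hunk.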
@@ -968,4 +968,38 @@ function in_port_range(port,port_range) return false end +- This pattern must match the percent sign '%' since it is used in +-- escaping. +local FILESYSTEM_UNSAFE = "[^a-zA-Z0-9._-]" +--- +-- Escape a string to remove bytes and strings that may have meaning to +-- a filesystem, such as slashes. All bytes are escaped, except for: +-- * alphabetic <code>a</code>-<code>z</code> and <code>A</code>-<code>Z</code>, digits 0-9, <code>.</code> <code>_</code> <code>-</code> +-- In addition, the strings <code>"."</code> and <code>".."</code> have +-- their characters escaped. +-- +-- Bytes are escaped by a percent sign followed by the two-digit +-- hexadecimal representation of the byte value. +-- * <code>filename_escape("filename.ext") --> "filename.ext"</code> +-- * <code>filename_escape("input/output") --> "input%2foutput"</code> +-- * <code>filename_escape(".") --> "%2e"</code> +-- * <code>filename_escape("..") --> "%2e%2e"</code> +-- This escaping is somewhat like that of JavaScript +-- <code>encodeURIComponent</code>, except that fewer bytes are +-- whitelisted, and it works on bytes, not Unicode characters or UTF-16 +-- code points. +function filename_escape(s) + if s == "." then + return "%2e" + elseif s == ".." then + return "%2e%2e" + else + return (string.gsub(s, FILESYSTEM_UNSAFE, function (c) + return string.format("%%%02x", string.byte(c)) + end)) + end +end + + + ++++++ su-to-zenmap.patch ++++++ Index: zenmap/install_scripts/unix/su-to-zenmap.sh =================================================================== --- zenmap/install_scripts/unix/su-to-zenmap.sh.orig 2009-05-03 05:33:50.000000000 +0100 +++ zenmap/install_scripts/unix/su-to-zenmap.sh 2012-03-26 22:20:29.000000000 +0100 
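Review bot: The first added line of the stdnse.lua hunk starts with a single dash (`- This pattern must match ...`), which is not a Lua comment, so as printed the library would fail to load; this may be an artefact of the mail rendering, but the patch file is worth checking. It should be `-- This pattern must match the percent sign '%' since it is used in`. `filename_escape` also passes `s` straight to `string.gsub`, so a nil argument (for example a field missing from a server response) raises instead of yielding a safe name; a sentence in the doc comment stating that callers must pass a string would make that contract explicit.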
@@ -13,8 +13,8 @@ if test "$euid" = "$privid"; then $COMMAND else if test -z "$SU_TO_ROOT_X"; then - if which gksu >/dev/null 2>&1 ; then - SU_TO_ROOT_X=gksu + if which gnomesu >/dev/null 2>&1 ; then + SU_TO_ROOT_X=gnomesu if test "X$KDE_FULL_SESSION" = "Xtrue" ; then if which kdesu >/dev/null 2>&1 ; then SU_TO_ROOT_X=kdesu @@ -39,8 +39,8 @@ else fi fi case $SU_TO_ROOT_X in - gksu) gksu -u "$PRIV" "$COMMAND";; - kdesu) kdesu -u "$PRIV" "$COMMAND";; + gnomesu) gnomesu -u "$PRIV" -c "$COMMAND";; + kdesu) kdesu -u "$PRIV" -c "$COMMAND";; kde4su) /usr/lib/kde4/libexec/kdesu -u "$PRIV" "$COMMAND";; ktsuss) ktsuss -u "$PRIV" "$COMMAND";; # As a last resort, open a new xterm use sudo/su -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
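Review bot: In the `case $SU_TO_ROOT_X` hunk of su-to-zenmap.sh the `gnomesu` and `kdesu` branches now pass the command through `-c "$COMMAND"`, while the unchanged `kde4su` branch still hands `"$COMMAND"` positionally to `/usr/lib/kde4/libexec/kdesu`. If the `-c` form is what kdesu needs, the KDE4 binary presumably needs it too: `kde4su) /usr/lib/kde4/libexec/kdesu -u "$PRIV" -c "$COMMAND";;`. The first hunk also replaces the `gksu` probe outright instead of adding `gnomesu` beside it, so a system that has only gksu now falls through to the later fallbacks; a comment saying this is intended for openSUSE would help the next packager.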
