MGASA-2018-0196 Updated nmap packages fix security vulnerability

Nmap developer nnposter found a security flaw directory traversal vulnerability in the way the non-default http-fetch script sanitized URLs. If a user manualy ran this NSE script against a malicious web server, the server could potentially depending on NSE arguments used cause files to be saved...

Updated nmap packages fix security vulnerability

Nmap developer nnposter found a security flaw directory traversal vulnerability in the way the non-default http-fetch script sanitized URLs. If a user manualy ran this NSE script against a malicious web server, the server could potentially depending on NSE arguments used cause files to be saved...

http-devframework NSE Script

Tries to find out the technology behind the target website. The script checks for certain defaults that might not have been changed, like common headers or URLs or HTML content. While the script does some guessing, note that overall there's no way to determine what technologies a given site is...

http-feed NSE Script

This script crawls through the website to find any rss or atom feeds. The script, by default, spiders and searches within forty pages. For large web applications make sure to increase httpspider's maxpagecount value. Please, note that the script will become more intrusive though. Script Arguments...

http-errors NSE Script

This script crawls through the website and returns any error pages. The script will return all pages sorted by error code that respond with an http code equal or above 400. To change this behaviour, please use the errcodes option. The script, by default, spiders and searches within forty pages. F...

http-mobileversion-checker NSE Script

Checks if the website holds a mobile version. See also: http-useragent-tester.nse Script Arguments newtargets If this is set, add any newly discovered hosts to nmap scanning queue. Default: nil httpspider.doscraping, httpspider.maxdepth, httpspider.maxpagecount, httpspider.noblacklist,...

http-referer-checker NSE Script

Informs about cross-domain include of scripts. Websites that include external javascript scripts are delegating part of their security to third-party entities. Script Arguments slaxml.debug See the documentation for the slaxml library. httpspider.doscraping, httpspider.maxdepth,...

http-auth-finder NSE Script

Spiders a web site to find web pages requiring form-based or HTTP-based authentication. The results are returned in a table with each url and the detected method. See also: http-auth.nse http-brute.nse Script Arguments http-auth-finder.url the url to start spidering. This is a URL relative to the...