mailing list archives
Nmap 5.21 released
From: Fyodor <fyodor () insecure org>
Date: Wed, 27 Jan 2010 12:45:26 -0800
Hello everyone. I'm pleased to release Nmap 5.21, which contains zero
exciting new features! It is a bug-fix only release instead,
addressing about a dozen issues discovered since 5.20. Thanks for all
the testing and bug reports! None of the bugs are critical, but we
wanted to polish things up since 5.21 may be the latest stable version
for a while. That gives us time to tackle and stabilize big
development projects. If you want to know what we're up to, join the
The Nmap 5.21 source code and packages for Linux, Mac, and Windows are
available for download at the usual place:
If you find any bugs, let us know on nmap-dev
(http://nmap.org/book/man-bugs.html). If you find a big enough
problem, you could inspire a 5.22 release.
Here are the CHANGELOG entries since 5.20:
o [Zenmap] Added a workaround for a Ubuntu 9.10 Python packaging
idiosyncrasy. As of version python2.6-2.6.4-0ubuntu3, Ubuntu's
distutils modifies self.prefix, a variable we use in the setup.py
script. This would cause Zenmap to look in the wrong place for its
configuration files, and show the dialog "Error creating the
per-user configuration directory" with the specific error "[Errno 2]
No such file or directory: '/usr/share/zenmap/config'". This problem
was reported by Chris Clements, who also helped debug. [David]
o Fixed an error that occurred when UDP scan was combined with version
scan. UDP ports would appear in the state "unknown" at the end of
the scan, and in some cases an assertion failure would be raised.
This was an unintended side effect of the memory use reduction
changes in 5.20. The bug was reported by Jon Kibler. [David]
o [NSE] Did some simple bit-flipping on the nmap_service.exe program
used by the smb-psexec script, to avoid its being falsely detected
as malware by dumb antivirus signatures. [Ron]
o [NSE] Fixed a bug in http.lua that could lead to an assertion
failure. It happened when there was an error getting the a response
at the beginning of a batch in http.pipeline. The symptoms of the
NSE: Received only 0 of 1 expected reponses.
Decreasing max pipelined requests to 0.
NSOCK (0.1870s) Write request for 0 bytes...
nmap: nsock_core.c:516: handle_write_result: Assertion `bytesleft > 0' failed.
The error was reported by Brandon Enright and pyllyukko.
o [NSE] Restored the ability of http.head to return a body if the
server returns one. This was lost in the http.lua overhaul from
o [NSE] Fixed the use of our strict.lua library on distributions that
install their own strict.lua. The error message was
nse_main.lua:97: attempt to call a boolean value
It was reported by Onur K. [Patrick]
o Fixed handing of nameserver entries in /etc/resolv.conf so it could
handle entries containing more than 16 bytes, which can occur with
IPv6 addresses. Gunnar Lindberg reported the problem and
contributed an initial patch, then Brandon and Kris refined and
o [NSE] Corrected a behavior change in http.request that was
accidentally made in 5.20: it could return nil instead of a table
indicating failure. [David]
o [NSE] Fixed the use of an undefined variable in smb-enum-sessions,
reported by Brandon. [Ron]
o Fixed a compiler error when --without-liblua is used. [Brandon]
o [NSE] Fixed an error with running http-enum.nse along with the
--datadir option. The script would report the error
http-enum.nse:198: bad argument #1 to 'lines'
(nselib/data/http-fingerprints: No such file or directory)
The error was reported by Ron Meldau and Brandon. [Kris]
o Added a function that was missing from http-favicon.nse. Its absence
would cause the error
http-favicon.nse:141: variable 'dirname' is not declared
when a web page specified an relative icon URL through the link
element. This bug was reported by Ron Meldau. [David]
o Fixed a bug with the decoding of NMAP OID component values greater
than 127. [Patrik Karlsson, David]
Enjoy the new release!
Sent through the nmap-hackers mailing list
Archived at http://seclists.org/nmap-hackers/
- Nmap 5.21 released Fyodor (Jan 27)