Nmap Development: Re: nmap ends prematurely with a segfault

Re: nmap ends prematurely with a segfault

From: DePriest, Jason R. <jrdepriest_at_gmail.com>
Date: Fri, 23 Nov 2007 13:50:23 -0600

I just ran the same scan with RC2 and it completed without errors.

The program listening is part of IBM Director. The executable is
wmicimserver.exe.

-Jason

On Nov 23, 2007 10:28 AM, Diman Todorov <diman.todorov_at_univie.ac.at> wrote:
>
>
> On Oct 18, 2007, at 10:15 PM, DePriest, Jason R. wrote:
>
> > I run nmap like this:
> > sudo nmap -v -sSUV -O -pT:-,U:[1-65535] --traceroute --reason
> > --script=discovery,safe,backdoor,vulnerability,malware --script-trace
> > -d6 xxx.yyy.zzz.190,153,193,89
> >
> > and after some time, it eventually ends with a segfault.
> >
> > Seriously, it ends with a simple "Segmentation fault" and nothing else
> > to help explain from where the segfault came.
> >
> > The last bit looks like this:
> > NSOCK (1524.9210s) Callback: READ SUCCESS for EID 770
> > [xxx.yyy.zzz.153:5988] (69 bytes): HTTP/1.1 401
> > Unauthorized..WWW-Authenticate: Basic realm="ANLYX2"....
> > SCRIPT ENGINE: TCP xxx.yyy.zzz.50:34039 < xxx.yyy.zzz.153:5988 |
> > HTTP/1.1 401 Unauthorized
> > WWW-Authenticate: Basic realm="ANLYX2"
> >
> >
> > NSOCK (1524.9210s) msevent_delete (IOD #28) (EID #770)
> > NSOCK (1524.9210s) wait_for_events
> > NSOCK (1524.9210s) PCAP read_on_nonselect
> > NSOCK (1524.9210s) PCAP END read_on_nonselect
> > SCRIPT ENGINE: TCP xxx.yyy.zzz.50:34039 > xxx.yyy.zzz.153:5988 | CLOSE
> > Segmentation fault
> >
> > I am attaching a file with all the output starting from when SCRIPT
> > ENGINE first showed up. I hope anyway. I could only scroll back 5000
> > lines. If you need more, I can run it again (it is reproducible) and
> > tee the output or something.
>
> Hi,
>
> if you can still reproduce this problem with the most recent svn nmap
> version I'd like to ask you a few things:
>
> 1) does this happen if you only scan the .153 host? Can you give some
> more information about that host? Like, is there some service running
> on 5988? And if there is, what service is it?
>
> 2) would you mind sending that attachment of yours packed with some
> more common archiving tool?
>
> cheers,
> Diman
>
>
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://SecLists.Org
>

-- 
NOTICE:  This email is being sent in clear-text across the public
Internet.  Therefore, any attempts to include unenforceable legalese
restrictions are ridiculous and pointless.  If you can read this,
consider yourself authorized (whether I like it or not).
Received on Nov 23 2007