Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Nmap new version past 7.70 due to CVE-2018-15173

From: Shashi Guruprasad <sguruprasad () fortinet com>
Date: Tue, 28 Aug 2018 00:54:58 +0000
Hi Fyodor, or Daniel Miller,

Would it be possible to release a new version of nmap for fix CVE-2018-15173? Qualys is reporting this vulnerability in 
our system despite installing 7.70-1. I can build from source, but it will mean that I will need to do this all the 
time in the futureā€¦

Thanks and regards,
Shashi
[GH#1147]<http://issues.nmap.org/1147>[GH#1108]<http://issues.nmap.org/1108> Reduced LibPCRE resource limits so that 
version detection can't use as much of the stack. Previously Nmap could crash when run on low-memory systems against 
target services which are intentionally or accidentally difficult to match. Someone assigned CVE-2018-15173 for this 
issue. [Daniel Miller]


_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: