nmap-7.95

[Bruce Dubbs]

New minor version.

[Bruce Dubbs]

Nmap 7.95 [2024-04-19]

• [Windows] Upgraded Npcap (our Windows raw packet capturing and transmission driver) from version 1.75 to the latest version 1.79. It includes many performance improvements, bug fixes and feature enhancements described at ​https://npcap.com/changelog.

• Integrated over 4000 IPv4 OS fingerprints submitted since June 2020. Added 336 fingerprints, bringing the new total to 6036. Additions include iOS 15 & 16, macOS Ventura & Monterey, Linux 6.1, OpenBSD 7.1, and lwIP 2.2

• Integrated over 2500 service/version detection fingerprints submitted since June 2020. The signature count went up 1.4% to 12089, including 9 new softmatches. We now detect 1246 protocols, including new additions of grpc, mysqlx, essnet, remotemouse, and tuya.

• [NSE] Four new scripts from the DINA community (​https://github.com/DINA-community) for querying industrial control systems:

• hartip-info reads device information from devices using the Highway Addressable Remote Transducer protocol

• iec61850-mms queries devices using Manufacturing Message Specification requests.

• multicast-profinet-discovery Sends a multicast PROFINET DCP Identify All message and prints the responses.

• profinet-cm-lookup queries the DCERPC endpoint mapper exposed via the PNIO-CM service.

• Upgraded included libraries: Lua 5.4.6, libpcre2 10.43, zlib 1.3.1, libssh2 1.11.0, liblinear 2.47

• [GH2639] Upgraded OpenSSL binaries (for the Windows builds and for RPMs) to version 3.0.13. CVEs resolved in this update include only 2 moderate-severity issues which we do not believe affect Nmap: CVE-2023-5363 and CVE-2023-2650

• [Zenmap][Ndiff][GH2649] Zenmap and Ndiff now use setuptools, not distutils for packaging.

• [Ncat][GH2685] Fixed Ncat UDP server mode to not quit after EOF on stdin.

• [GH2672] Fixed an issue where TCP Connect scan (-sT) on Windows would fail to open any sockets, leading to scans that never finish.

• [NSE] ssh-auth-methods will now print the pre-authentication banner text when available. Requires libssh2 1.11.0 or later.

• [Zenmap][GH2739] Fix a crash in Zenmap when changing a host comment.

• [NSE][GH2766] Fix TLS 1.2 signature algorithms for EdDSA.

• [Zenmap][GH2706] RPM spec files now correctly require the python3 package, not python>=3

• Improvements to OS detection fingerprint matching, including a syntax change for nmap-os-db that allows ranges within the TCP Options string. This leads to more concise and maintainable fingerprints.

• Improved the OS detection engine by using a new source port for each retry. Scans from systems such as Windows that do not send RST for unsolicited SYN|ACK responses were previously unable to get a response in subsequent tries.

• Several profile-guided optimizations of the port scan engine.

• [GH2731] Fix an out-of-bounds read which led to out-of-memory errors when duplicate addresses were used with --exclude

• [GH2609] Fixed a memory leak in Nsock: compiled pcap filters were not freed.

• [GH2658] Fixed a crash when using service name wildcards with -p, as in -p "http*"

• [NSE] Fixed DNS TXT record parsing which caused asn-query to fail in Nmap 7.80 and later.

• [NSE][GH2727][GH2728] Fixed packet size testing in KNX scripts

[Bruce Dubbs]

Fixed at commits

d2f34f586e Update to libgusb-0.4.9.
a7990a2f61 Update to libxmlb-0.3.19.
cda55411e3 Update to nmap-7.95.