Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

NMAP crash with ssh-auth-methods.nse (patch included) #1077

Closed
sethrandall opened this issue Dec 4, 2017 · 3 comments
Closed

NMAP crash with ssh-auth-methods.nse (patch included) #1077

sethrandall opened this issue Dec 4, 2017 · 3 comments

Comments

@sethrandall
Copy link

sethrandall commented Dec 4, 2017

When testing ssh-auth-methods.nse against non-standard ports, I forgot to specify ports and NMAP crashed. I have narrowed it down to running the script against port 139. I ran a debug and found the crash appears to be caused by a double free of session data. This appears to be due to a session pointer not being NULLed after the session is freed. Attached is a patch that appears to fix the issue.
nse_libssh2-session-null.txt

@sethrandall sethrandall changed the title NMAP crash with ssh-auth-methods.nse NMAP crash with ssh-auth-methods.nse (patch included) Dec 13, 2017
@landgraf
Copy link

landgraf commented May 2, 2019

This was fixed in 350bbe0

@landgraf
Copy link

landgraf commented May 2, 2019

@dmiller-nmap can you close the issue since you've commited the fix? :)

@dmiller-nmap
Copy link

Thanks!

nmap-bot pushed a commit that referenced this issue May 17, 2019
This was reported, with a correct patch, back in December 2017, and I
rediscovered the issue and came up with the same patch in r37532 in
November 2018. Full credit should go to Seth Randall.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants