nmap-7.93

[Bruce Dubbs]

New minor version.

[Bruce Dubbs]

Nmap 7.93 [2022-09-01]

• This release commemorates Nmap's 25th anniversary! It all started with this September 1, 1997 Phrack article by Fy-dor: ​https://nmap.org/p51-11.html.

• [Windows] Upgraded Npcap (our Windows raw packet capturing and transmissi-n driver) from version 1.50 to the latest version 1.71. It includes d-zens of performance improvements, bug fixes and feature enhancements described at ​https://npcap.c-m/changelog.

• Ensure Nmap builds with OpenSSL 3.0 using no deprecated API functions. Binaries f-r this release include OpenSSL 3.0.5.

• Upgrade included libraries: libssh2 1.10.0, zlib 1.2.12, Lua 5.3.6, libpcap 1.10.1

• [GH2416] Fix a bug that prevented Nmap from discovering interfaces on Linux when n- IPv4 addresses were configured.

• [NSE][GH2463] NSE "exception handling" with nmap.new_try() will no longer result in a stack traceback in debug -utput nor a "ERROR: script execution failed" message in script -utput, since the intended behavior has always been t- end the script immediately without output.

• [GH2494] Update the Nmap output DTD to match actual output since the <h-sthint> element was added in Nmap 7.90.

• [NSE][GH2496] Fix newtargets support: since Nmap 7.92, scripts could not add targets in script pre-scanning phase.

• [GH2468] Scripts dhcp-discover and broadcast-dhcp-discover now support setting a client identifier.

• [GH2331][GH2471] Script oracle-tns-version was not reporting the version c-rrectly for Oracle 19c or newer

• [GH2296][GH2342] Script redis-info was crashing or producing inaccurate inf-rmation about client connections and/or cluster nodes.

• [GH2379] Nmap and Nping were unable to obtain system routes on FreeBSD

• [GH2464] Script ipidseq was broken due to calling an unreachable library functi-n.

• [GH2420][GH2436] Support for EC crypto was not properly enabled if Nmap was c-mpiled with OpenSSL in a custom location.

• [NSE] Improvements to event handling and pcap socket garbage collection, fixing p-tential hangs and crashes.

• We ceased creating the Nmap win32 binary zipfile. It was useful back when y-u could just unzip it and run Nmap from there, but that hasn't worked well f-r many years. The win32 self-installer handles Npcap installation and many -ther dependencies and complexities. Anyone who needs the binaries for some reas-n can still install Nmap on any system and retrieve them from there. F-r now we're keeping the Win32 zipfile in the Nmap OEM Edition (​https://nmap.-rg/oem) for companies building Nmap into their own pr-ducts. But even in that case we believe that running the Nmap OEM self-installer in silent m-de is a better approach.

• [GH2388] Fix TDS7 password encoding for mssql.lua, which had been assuming ASCII input even th-ugh other parts of the library had been passing it Unicode.

• [GH2402] Replace deprecated CPEs for IIS with their updated identifier, cpe:/a:micr-soft:internet_information_services

• [NSE][GH2393] Fix script-terminating error when unknown BSON data types are enc-untered. Added parsers for most standard data types.

• [Ncat] Fix hostname/certificate comparison and matching to handle ASN.1 strings with-ut null terminators, a similar bug to OpenSSL's CVE-2021-3712.

• [Ncat][GH2365] Added support for SOCKS5 proxies that return bind addresses as h-stnames, instead of IPv4/IPv6 addresses.

[Bruce Dubbs]

Fixed at commits

57222e8d39 Update to git-2.37.3.
ef42c7e127 Update to nmap-7.93.