/
Errata - 4.3.4 - Bad suid test on Nmap binary prevents discoveries from being executed on Redhat
Errata - 4.3.4 - Bad suid test on Nmap binary prevents discoveries from being executed on Redhat
By Mark Unwin
Nov 15, 2022
We have come across a bug when testing for the Nmap SUID bit being set on Redhat based distros.
The work-around until our next release is to edit the file /usr/local/open-audit/code_igniter/application/controllers/discoveries.php
Make the function return without testing anything.
Change from (at about line 463).
private function test_nmap_suid()
{
if (php_uname('s') === 'Windows NT') {
return;
}
$command_string = 'ls -lh `which nmap` | cut -d" " -f1 | cut -c4';
exec($command_string, $output);
if (! isset($output[0]) or $output[0] !== 's') {
log_error('ERR-0047');
} return;
}
to
private function test_nmap_suid()
{
return;
if (php_uname('s') === 'Windows NT') {
return;
}
$command_string = 'ls -lh `which nmap` | cut -d" " -f1 | cut -c4';
exec($command_string, $output);
if (! isset($output[0]) or $output[0] !== 's') {
log_error('ERR-0047');
} return;
}
Apologies for any inconvenience caused.
, multiple selections available,
Related content
Discovery Scan Options
Discovery Scan Options
More like this
Installing Open-AudIT 5.x on Redhat 8 without external repo's
Installing Open-AudIT 5.x on Redhat 8 without external repo's
More like this
Release Notes for Open-AudIT v5.6.4
Release Notes for Open-AudIT v5.6.4
More like this
Release Notes for Open-AudIT v5.4.0
Release Notes for Open-AudIT v5.4.0
More like this
Release Notes for Open-AudIT v5.6.1
Release Notes for Open-AudIT v5.6.1
More like this
Release Notes for Open-AudIT v5.6.0
Release Notes for Open-AudIT v5.6.0
More like this