Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: vuln check in http-phpmyadmin-dir-traversal #1359

Closed
wants to merge 1 commit into from
Closed

fix: vuln check in http-phpmyadmin-dir-traversal #1359

wants to merge 1 commit into from

Conversation

phra
Copy link

@phra phra commented Oct 17, 2018

it adds an additional check against a baseline response.

fixes #1358

@phra
fix: vuln check in http-phpmyadmin-dir-traversal
ba021e3 
it adds an additional check against a baseline response.

fixes nmap#1358
@dmiller-nmap
Copy link

The failing check here is my fault; the build was broken in the commit you branched from. I'm looking at your changes now.

@nmap-bot nmap-bot closed this in 93edeef Oct 17, 2018
@phra
Copy link
Author

phra commented Oct 18, 2018

hi @dmiller-nmap,
the PR was closed by @nmap-bot, should i resend it?

@dmiller-nmap
Copy link

@phra No, I applied your change with slight modifications in the commit that closed this PR. If you can confirm that the change works and you no longer get a false positive, we can also close #1358 .

@phra
Copy link
Author

phra commented Oct 19, 2018

@dmiller-nmap nmap is released under GPL2 LICENSE AFAIK. the ownership (mention of the author) of the commits should remain of the original authors. please review the way you integrate community contributions respecting your own LICENSE and the open source community efforts.

@dmiller-nmap
Copy link

@phra Thanks for your concern. For the moment, our process is documented in CONTRIBUTING.md, and is consistent with how Nmap development has been done for decades: commits made by authorized committers with appropriate credit given to original code authors in the CHANGELOG file. I will bring this issue up to @fyodor as well.

3 similar comments
@dmiller-nmap
Copy link

@phra Thanks for your concern. For the moment, our process is documented in CONTRIBUTING.md, and is consistent with how Nmap development has been done for decades: commits made by authorized committers with appropriate credit given to original code authors in the CHANGELOG file. I will bring this issue up to @fyodor as well.

@dmiller-nmap
Copy link

@phra Thanks for your concern. For the moment, our process is documented in CONTRIBUTING.md, and is consistent with how Nmap development has been done for decades: commits made by authorized committers with appropriate credit given to original code authors in the CHANGELOG file. I will bring this issue up to @fyodor as well.

@dmiller-nmap
Copy link

@phra Thanks for your concern. For the moment, our process is documented in CONTRIBUTING.md, and is consistent with how Nmap development has been done for decades: commits made by authorized committers with appropriate credit given to original code authors in the CHANGELOG file. I will bring this issue up to @fyodor as well.

@dmiller-nmap
Copy link

wow, Github was having problems last night and apparently queued this comment every time I tried to comment it, but told me nothing was happening. Sorry about that!

@phra
Copy link
Author

phra commented Oct 22, 2018

ahah, no problem :)

@nnposter nnposter mentioned this pull request Jan 18, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

http-phpmyadmin-dir-traversal reports false positives
2 participants
@phra @dmiller-nmap