Thread: nmap stack smashing

  1. #1
    Member
    Join Date
    Feb 2007
    Posts
    229

    nmap stack smashing

    I did an update-upgrade today and got the new versions of nmap and autoscan-network. However, when trying to use nmap I get the following:

    *** stack smashing detected ***: nmap terminated
    ======= Backtrace: =========
    /lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0xb7bc36d8]
    /lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x0)[0xb7bc3690]
    nmap[0x80b36d2]
    nmap[0x80b498f]
    ======= Memory map: ========
    08048000-0811a000 r-xp 00000000 08:02 1236993 /usr/bin/nmap
    0811a000-0811b000 r--p 000d1000 08:02 1236993 /usr/bin/nmap
    0811b000-0811c000 rw-p 000d2000 08:02 1236993 /usr/bin/nmap
    0811c000-08127000 rw-p 00000000 00:00 0
    09be1000-0a31e000 rw-p 00000000 00:00 0 [heap]
    b79f5000-b7a78000 rw-p 00000000 00:00 0
    b7a78000-b7a82000 r-xp 00000000 08:02 2638451 /lib/tls/i686/cmov/libnss_files-2.8.90.so
    b7a82000-b7a83000 r--p 00009000 08:02 2638451 /lib/tls/i686/cmov/libnss_files-2.8.90.so
    b7a83000-b7a84000 rw-p 0000a000 08:02 2638451 /lib/tls/i686/cmov/libnss_files-2.8.90.so
    b7a84000-b7a8d000 r-xp 00000000 08:02 2638455 /lib/tls/i686/cmov/libnss_nis-2.8.90.so
    b7a8d000-b7a8e000 r--p 00008000 08:02 2638455 /lib/tls/i686/cmov/libnss_nis-2.8.90.so
    b7a8e000-b7a8f000 rw-p 00009000 08:02 2638455 /lib/tls/i686/cmov/libnss_nis-2.8.90.so
    b7a8f000-b7aa4000 r-xp 00000000 08:02 2638445 /lib/tls/i686/cmov/libnsl-2.8.90.so
    b7aa4000-b7aa5000 r--p 00014000 08:02 2638445 /lib/tls/i686/cmov/libnsl-2.8.90.so
    b7aa5000-b7aa6000 rw-p 00015000 08:02 2638445 /lib/tls/i686/cmov/libnsl-2.8.90.so
    b7aa6000-b7aa8000 rw-p 00000000 00:00 0
    b7aa8000-b7aaf000 r-xp 00000000 08:02 2638447 /lib/tls/i686/cmov/libnss_compat-2.8.90.so
    b7aaf000-b7ab0000 r--p 00006000 08:02 2638447 /lib/tls/i686/cmov/libnss_compat-2.8.90.so
    b7ab0000-b7ab1000 rw-p 00007000 08:02 2638447 /lib/tls/i686/cmov/libnss_compat-2.8.90.so
    b7ab1000-b7ab3000 rw-p 00000000 00:00 0
    b7ab3000-b7ac7000 r-xp 00000000 08:02 1246956 /usr/lib/libz.so.1.2.3.3
    b7ac7000-b7ac9000 rw-p 00013000 08:02 1246956 /usr/lib/libz.so.1.2.3.3
    b7ac9000-b7c21000 r-xp 00000000 08:02 2638434 /lib/tls/i686/cmov/libc-2.8.90.so
    b7c21000-b7c23000 r--p 00158000 08:02 2638434 /lib/tls/i686/cmov/libc-2.8.90.so
    b7c23000-b7c24000 rw-p 0015a000 08:02 2638434 /lib/tls/i686/cmov/libc-2.8.90.so
    b7c24000-b7c28000 rw-p 00000000 00:00 0
    b7c28000-b7c35000 r-xp 00000000 08:02 2629697 /lib/libgcc_s.so.1
    b7c35000-b7c36000 r--p 0000c000 08:02 2629697 /lib/libgcc_s.so.1
    b7c36000-b7c37000 rw-p 0000d000 08:02 2629697 /lib/libgcc_s.so.1
    b7c37000-b7c5b000 r-xp 00000000 08:02 2638442 /lib/tls/i686/cmov/libm-2.8.90.so
    b7c5b000-b7c5c000 r--p 00023000 08:02 2638442 /lib/tls/i686/cmov/libm-2.8.90.so
    b7c5c000-b7c5d000 rw-p 00024000 08:02 2638442 /lib/tls/i686/cmov/libm-2.8.90.so
    b7c5d000-b7d40000 r-xp 00000000 08:02 1246656 /usr/lib/libstdc++.so.6.0.10
    b7d40000-b7d44000 r--p 000e3000 08:02 1246656 /usr/lib/libstdc++.so.6.0.10
    b7d44000-b7d45000 rw-p 000e7000 08:02 1246656 /usr/lib/libstdc++.so.6.0.10
    b7d45000-b7d4b000 rw-p 00000000 00:00 0
    b7d4b000-b7d4d000 r-xp 00000000 08:02 2638440 /lib/tls/i686/cmov/libdl-2.8.90.so
    b7d4d000-b7d4e000 r--p 00001000 08:02 2638440 /lib/tls/i686/cmov/libdl-2.8.90.so
    b7d4e000-b7d4f000 rw-p 00002000 08:02 2638440 /lib/tls/i686/cmov/libdl-2.8.90.so
    b7d4f000-b7e82000 r-xp 00000000 08:02 2654209 /usr/lib/i686/cmov/libcrypto.so.0.9.8
    b7e82000-b7e8a000 r--p 00132000 08:02 2654209 /usr/lib/i686/cmov/libcrypto.so.0.9.8
    b7e8a000-b7e97000 rw-p 0013a000 08:02 2654209 /usr/lib/i686/cmov/libcrypto.so.0.9.8
    b7e97000-b7e9b000 rw-p 00000000 00:00 0
    b7e9b000-b7edd000 r-xp 00000000 08:02 2654210 /usr/lib/i686/cmov/libssl.so.0.9.8
    b7edd000-b7ede000 ---p 00042000 08:02 2654210 /usr/lib/i686/cmov/libssl.so.0.9.8
    b7ede000-b7edf000 r--p 00042000 08:02 2654210 /usr/lib/i686/cmov/libssl.so.0.9.8
    b7edf000-b7ee2000 rw-p 00043000 08:02 2654210 /usr/lib/i686/cmov/libssl.so.0.9.8
    b7ee2000-b7f0b000 r-xp 00000000 08:02 1246454 /usr/lib/libpcap.so.0.9.8
    b7f0b000-b7f0c000 r--p 00028000 08:02 1246454 /usr/lib/libpcap.so.0.9.8
    b7f0c000-b7f0d000 rw-p 00029000 08:02 1246454 /usr/lib/libpcap.so.0.9.8
    b7f0d000-b7f35000 r-xp 00000000 08:02 2629756 /lib/libpcre.so.3.12.1
    b7f35000-b7f36000 r--p 00027000 08:02 2629756 /lib/libpcre.so.3.12.1
    b7f36000-b7f37000 rw-p 00028000 08:02 2629756 /lib/libpcre.so.3.12.1
    b7f4b000-b7f4f000 rw-p 00000000 00:00 0
    b7f4f000-b7f69000 r-xp 00000000 08:02 2629655 /lib/ld-2.8.90.so
    b7f69000-b7f6a000 rw-p 00000000 00:00 0
    b7f6a000-b7f6b000 r--p 0001a000 08:02 2629655 /lib/ld-2.8.90.so
    b7f6b000-b7f6c000 rw-p 0001b000 08:02 2629655 /lib/ld-2.8.90.so
    bfca8000-bfcbd000 rw-p 00000000 00:00 0 [stack]
    ffffe000-fffff000 r-xp 00000000 00:00 0 [vdso]
    Has anyone else seen this with the current version? I'm wondering if it isn't some other package in my system causing this.

  2. #2
    Developer balding_parrot's Avatar
    Join Date
    May 2007
    Posts
    3,399

    Re: nmap stack smashing

    Without knowing what exact command you used, it is impossible to say.

    Can you provide more information so that we can try to replicate it?

  3. #3
    Member
    Join Date
    Feb 2007
    Posts
    229

    Re: nmap stack smashing

    I just tested by starting zenmap at the default aggressive settings to scan my router; it also happens when fast-track attempts an autopwn of any IP on my network.

  4. #4
    Developer balding_parrot's Avatar
    Join Date
    May 2007
    Posts
    3,399

    Re: nmap stack smashing

    Sorry, I cannot reproduce this error.

    I have performed many different scans on my network using nmap and zenmap, and the worst I managed to do was DoS myself off the network.
    I also performed scans against scanme.nmap.org with both nmap and zenmap and only got results as expected.

    With that, I don't really know what your problem is, all I can say is that it works here.

    If you can paste the exact command used, I could try again using your command and see if that makes any difference.

  5. #5
    Member
    Join Date
    Feb 2007
    Posts
    229

    Re: nmap stack smashing

    It seems that any command I run through nmap causes this to happen. Is there a way for me to trace what's going on? It appears that nmap is trying to write to an area of memory used by another program. Odd to think that it started randomly like this though. From what I understand of memory addressing, each thread is assigned its own space so as not to cause overflows like this. I'm not keen enough to read the memory map output by the error, but from what I get it's telling me that one of those libraries is causing the issue.

    I don't see any overlaps in the memory map though, and reinstallation of nmap (after a purge) did nothing to help. My older build of the OS image I'm using works fine.

    EDIT: I re-installed the last remastersys image I built for my USB drive after testing and the error disappears. It seems to have something to do with a library or app I added along the way, though I can't imagine what it is I did. Wondering if maybe it's the decnet thing (need to reboot to check) that comes with the new nmap setup. I'm trying to replicate my prior setup step-by-step in order to get this rolling, though I'm willing to bet it's some auxiliary thing I added from synaptic for convenience that caused this.
    Last edited by RageLtMan; 01-27-2010 at 07:21 AM.
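
Added example, not part of the original thread: one way to read a glibc report like the one in post #1 is to place each backtrace address inside the memory-map region that contains it. The report text embedded below is a shortened excerpt constructed from post #1; the function names `parse_report` and `resolve` are this example's own.

```python
import re

# Constructed excerpt of the report in post #1: full backtrace, four of the map lines.
REPORT = """\
*** stack smashing detected ***: nmap terminated
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0xb7bc36d8]
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x0)[0xb7bc3690]
nmap[0x80b36d2]
nmap[0x80b498f]
======= Memory map: ========
08048000-0811a000 r-xp 00000000 08:02 1236993 /usr/bin/nmap
0811a000-0811b000 r--p 000d1000 08:02 1236993 /usr/bin/nmap
b7ac9000-b7c21000 r-xp 00000000 08:02 2638434 /lib/tls/i686/cmov/libc-2.8.90.so
bfca8000-bfcbd000 rw-p 00000000 00:00 0 [stack]
"""

# Backtrace frame: module, optional (symbol+offset), [0xaddress]
FRAME = re.compile(r"^(?P<mod>[^\[\(\s]+)(?:\((?P<sym>[^)]*)\))?\[0x(?P<addr>[0-9a-f]+)\]$")
# Map line: start-end perms file-offset dev inode [path]
MAPPING = re.compile(r"^([0-9a-f]+)-([0-9a-f]+) (\S{4}) ([0-9a-f]+) \S+ \d+\s*(.*)$")

def parse_report(text):
    """Split the report into backtrace frames and memory-map regions."""
    frames, maps = [], []
    for line in text.splitlines():
        line = line.strip()
        if m := FRAME.match(line):
            frames.append((int(m["addr"], 16), m["sym"] or ""))
        elif m := MAPPING.match(line):
            lo, hi, perms, off, path = m.groups()
            maps.append((int(lo, 16), int(hi, 16), perms, int(off, 16), path))
    return frames, maps

def resolve(text):
    """Return (address, mapped path, perms, offset into file, symbol) per frame."""
    frames, maps = parse_report(text)
    out = []
    for addr, sym in frames:
        hit = next((m for m in maps if m[0] <= addr < m[1]), None)
        if hit is None:
            out.append((addr, None, None, None, sym))  # address not in any region
        else:
            lo, _, perms, off, path = hit
            out.append((addr, path, perms, addr - lo + off, sym))
    return out

if __name__ == "__main__":
    for addr, path, perms, off, sym in resolve(REPORT):
        where = f"{path} {perms} file+{off:#x}" if path else "unmapped"
        print(f"{addr:#010x}  {where}  {sym}")
```

On this excerpt both `nmap[...]` frames resolve into the `r-xp` mapping of `/usr/bin/nmap`, and the two libc frames are the `__fortify_fail` abort path that prints the message.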

  6. #6
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Re: nmap stack smashing

    You could also try sending an error output along with the relevant info to the nmap mailing list. There may be more/better help available there.

  7. #7
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Re: nmap stack smashing

    Quote Originally Posted by Archangel.Amael View Post
    You could also try sending an error output along with the relevant info to the nmap mailing list. There may be more/better help available there.
    nmap 5.21 was released in the past few hours which corrects a few assert issues. I can't actually see it being a problem here, but it may be worth upgrading to it (do it from source until it hits the repos), just to see.

    With that in mind, it should definitely be added to the repos just to resolve the minor issues that were patched. It is a bug-fix only release. I don't think it quite counts as a package request, so I am just bringing it to a mod's attention.

    Cheers
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  8. #8
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Re: nmap stack smashing

    Quote Originally Posted by Gitsnik View Post
    nmap 5.21 was released in the past few hours which corrects a few assert issues. I can't actually see it being a problem here, but it may be worth upgrading to it (do it from source until it hits the repos), just to see.

    With that in mind, it should definitely be added to the repos just to resolve the minor issues that were patched. It is a bug-fix only release. I don't think it quite counts as a package request, so I am just bringing it to a mod's attention.

    Cheers
    Seen the same thing today but after I had posted.

  9. #9
    Developer balding_parrot's Avatar
    Join Date
    May 2007
    Posts
    3,399

    Re: nmap stack smashing

    I added nmap 5.21 to our svn less than 2hrs after they tweeted that it had been released.

    You will be able to get it from the repo as soon as they are sync'd, which shouldn't be too long now.
