Advisories ยป MGASA-2020-0216

Updated nmap packages fix security vulnerability

Publication date: 24 May 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2017-18594


Updated nmap packages fix security vulnerability: in Nmap 7.70 is subject to a denial of service condition
due to a double free when an SSH connection fails, as demonstrated by a
leading \n character to ssh-brute.nse or ssh-auth-methods.nse

Also, when a server forced a protocol and did not return TLS ALPN extension,
this caused an infinite loop.