Nmap Version Detection FreeBSD OpenSSH 9.9p1 #3100
Description
Describe the bug
Running Nmap with version detection -sV against an OpenSSH service SSH-2.0-OpenSSH_9.9 FreeBSD-openssh-portable-9.9.p1_1 reports back the false OpenSSH version as OpenSSH 9.9. However, it should be OpenSSH 9.9 p1.
To Reproduce
nmap -sS -Pn -sV 145.253.80.230 -p 2222
Expected behavior
Nmap maps the identified OpenSSH version to OpenSSH 9.9p1.
Instead, Nmap does not detect the p1:
Starting Nmap 7.95 ( https://nmap.org ) at 2025-05-12 11:57 CEST
Service scan sending probe NULL to 145.253.80.230:2222 (tcp)
NSOCK INFO [0.3230s] nsock_read(): Read request from IOD #1 [145.253.80.230:2222] (timeout: 6000ms) EID 18
NSOCK INFO [0.3800s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 18 [145.253.80.230:2222] (57 bytes): SSH-2.0-OpenSSH_9.9 FreeBSD-openssh-portable-9.9.p1_1,1..
Service scan hard match (Probe NULL matched with NULL line 3565): 145.253.80.230:2222 is ssh. Version: |OpenSSH|9.9|protocol 2.0|
Nmap scan report for 145.253.80.230
Host is up (0.050s latency).
PORT STATE SERVICE VERSION
2222/tcp open ssh OpenSSH 9.9 (protocol 2.0)
Service Info: OS: FreeBSD; CPE: cpe:/o:freebsd:freebsd
Version info (please complete the following information):
- Output of
nmap --version:
Nmap version 7.95 ( https://nmap.org )
Platform: x86_64-pc-linux-gnu
Compiled with: liblua-5.4.7 openssl-3.4.1 libssh2-1.11.1 libz-1.3.1 libpcre2-10.45 libpcap-1.10.5 nmap-libdnet-1.12 ipv6
Compiled without:
Available nsock engines: epoll poll select