9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.973 High
EPSS
Percentile
99.8%
Sends a binding request to the server and attempts to extract version information from the response, if the server attribute is present.
See the documentation for the stun library.
nmap -sU -sV -p 3478 <target>
PORT STATE SERVICE VERSION
3478/udp open stun Vovida.org 0.96
local nmap = require "nmap"
local shortport = require "shortport"
local stun = require "stun"
local stdnse = require "stdnse"
description = [[
Sends a binding request to the server and attempts to extract version
information from the response, if the server attribute is present.
]]
---
-- @usage
-- nmap -sU -sV -p 3478 <target>
-- @output
-- PORT STATE SERVICE VERSION
-- 3478/udp open stun Vovida.org 0.96
--
author = "Patrik Karlsson"
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
categories = {"version"}
portrule = shortport.version_port_or_service(3478, "stun", "udp")
local function fail(err) return stdnse.format_output(false, err) end
action = function(host, port)
local helper = stun.Helper:new(host, port)
local status = helper:connect()
if ( not(status) ) then
return fail("Failed to connect to server")
end
local status, result = helper:getVersion()
if ( not(status) ) then
return fail("Failed to retrieve external IP")
end
port.version.name = "stun"
port.version.product = result
nmap.set_port_state(host, port, "open")
nmap.set_port_version(host, port)
end
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.973 High
EPSS
Percentile
99.8%