CVE-2013-4885

CVE-2013-4885 affects the Nmap NSE script http-domino-enum-passwords.nse (pre-6.40). When domino-enum-passwords.idpath is set, a crafted FullName response can cause the remote server to write arbitrarily named files via directory traversal sequences. The vulnerability is tied to the NSE script lo...

MGASA-2013-0305 Updated nmap package fixes CVE-2013-4885

Updated nmap packages fix security vulnerability: It is possible to write arbitrary files to a remote system, through a specially crafted server response for NMAP http-domino-enum-passwords.nse script from nmap before 6.40 CVE-2013-4885...

Updated nmap package fixes CVE-2013-4885

Updated nmap packages fix security vulnerability: It is possible to write arbitrary files to a remote system, through a specially crafted server response for NMAP http-domino-enum-passwords.nse script from nmap before 6.40 CVE-2013-4885...

Nmap 任意文件写漏洞(CVE-2013-4885）

BUGTRAQ ID: 62024 CVECAN ID: CVE-2013-4885 nmap是一款用于网络发现（Network Discovery）和安全审计（Security Auditing）的网络安全工具，它是自由软件。 Nmap 6.25在http-domino-enum-passwords NSE脚本内存在任意文件上传漏洞，攻击者可利用此漏洞以当前用户权限写任意文件。 0 Nmap 6.25 厂商补丁： Nmap ---- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://nmap.org/download.html nmap --script...

Fedora 18 : nmap-6.40-1.fc18 (2013-14786)

updated for 6.40 - fixes CVE-2013-4885 nmap: arbitrary file upload flaw in http-domino-enum-passwords NSE script Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it...

http-default-accounts NSE Script

Tests for access with default credentials used by a variety of web applications and devices. It works similar to http-enum, we detect applications by matching known paths and launching a login routine using default credentials when found. This script depends on a fingerprint file containing the...

Nmap NSE 6.01: smb-enum-processes

Pulls a list of processes from the remote server over SMB. This will determine all running processes, their process IDs, and their parent processes. It is done by querying the remote registry service, which is disabled by default on Vista; on all other Windows versions, it requires Administrator...

Nmap NSE 6.01: smb-enum-domains

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Nmap NSE 6.01: smb-enum-groups

Obtains a list of groups from the remote Windows system, as well as a list of the group's users. This works similarly to 'enum.exe' with the '/G' switch. The following MSRPC functions in SAMR are used to find a list of groups and the RIDs of their users. Keep in mind that MSRPC refers to groups a...

Nmap NSE 6.01: citrix-enum-apps

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Nmap NSE 6.01: smb-enum-processes

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Nmap NSE 6.01: smb-enum-groups

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Nmap NSE 6.01: citrix-enum-servers

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Nmap NSE 6.01: smb-enum-users

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Nmap NSE 6.01: citrix-enum-servers-xml

Extracts the name of the server farm and member servers from Citrix XML service. OpenVAS Vulnerability Test $Id: gbnmap6citrixenumserversxml.nasl 7148 2017-09-15 13:01:14Z cfischer $ Autogenerated NSE wrapper Authors: NSE-Script: Patrik Karlsson NASL-Wrapper: autogenerated Copyright: NSE-Script:...

Nmap NSE 6.01: smb-enum-shares

Attempts to list shares using the 'srvsvc.NetShareEnumAll' MSRPC function and retrieve more information about them using 'srvsvc.NetShareGetInfo'. If access to those functions is denied, a list of common share names are checked. Finding open shares is useful to a penetration tester because there...

Nmap NSE 6.01: smb-enum-shares

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Nmap NSE 6.01: http-enum

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Nmap NSE 6.01: citrix-enum-apps-xml

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Nmap NSE 6.01: smb-enum-sessions

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...