Low: nmap

Issue Overview: The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload arbitrarily named files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences. Affected Packages:...

openSUSE Security Update : nmap (openSUSE-SU-2013:1561-1)

nmap was updated to fix the http-domino-enum-passwords scripts. If you ran the fortunately non-default http-domino-enum-passwords script with the fortunately also non-default domino-enum-passwords.idpath parameter against a malicious server, it could cause an arbitrarily named file to to be writt...

CVE-2013-4885

The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences...

MGASA-2013-0305 Updated nmap package fixes CVE-2013-4885

Updated nmap packages fix security vulnerability: It is possible to write arbitrary files to a remote system, through a specially crafted server response for NMAP http-domino-enum-passwords.nse script from nmap before 6.40 CVE-2013-4885...

Fedora 18 : nmap-6.40-1.fc18 (2013-14786)

updated for 6.40 - fixes CVE-2013-4885 nmap: arbitrary file upload flaw in http-domino-enum-passwords NSE script Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it...

Nmap NSE net: http-domino-enum-passwords

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...