4 matches found
CVE-2013-4885
The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences...
CVE-2013-4885
The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences...
CVE-2013-4885
CVE-2013-4885 affects the Nmap NSE script http-domino-enum-passwords.nse (pre-6.40). When domino-enum-passwords.idpath is set, a crafted FullName response can cause the remote server to write arbitrarily named files via directory traversal sequences. The vulnerability is tied to the NSE script lo...
Updated nmap package fixes CVE-2013-4885
Updated nmap packages fix security vulnerability: It is possible to write arbitrary files to a remote system, through a specially crafted server response for NMAP http-domino-enum-passwords.nse script from nmap before 6.40 CVE-2013-4885...