CVE-2013-4885

Publication date 26 October 2013

Last updated 24 July 2024

Description

The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
nmap	14.04 LTS trusty	Fixed 6.40-0.1
	13.10 saucy	Fixed 6.40-0.1
	13.04 raring	Ignored end of life
	12.10 quantal	Ignored end of life
	12.04 LTS precise	Not affected
	10.04 LTS lucid	Ignored end of life

How can I get the fixes?
What do statuses mean?

Notes

jdstrand

see full-disclosure for PoC

References

MITRE
NVD
Launchpad
Debian

Other references

http://seclists.org/fulldisclosure/2013/Aug/67
https://www.cve.org/CVERecord?id=CVE-2013-4885