CVE-2013-4885

Published: 26 October 2013

The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences.

Notes

Author	Note
jdstrand	see full-disclosure for PoC

Priority

Status

Package	Release	Status
nmap Launchpad, Ubuntu, Debian	lucid	Ignored (end of life)
	precise	Not vulnerable (code-not-present)
	quantal	Ignored (end of life)
	raring	Ignored (end of life)
	saucy	Released (6.40-0.1)
	trusty	Released (6.40-0.1)
	upstream	Released (6.40)

References

http://seclists.org/fulldisclosure/2013/Aug/67
https://www.cve.org/CVERecord?id=CVE-2013-4885
NVD
Launchpad
Debian

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719289

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›