CVE-2013-4885
26.10.2013, 17:55
The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences.Enginsight
| Vendor | Product | Version |
|---|---|---|
| nmap | nmap | 𝑥 ≤ 6.25 |
| nmap | nmap | 2.1:beta1 |
| nmap | nmap | 2.2:beta2 |
| nmap | nmap | 2.2:beta3 |
| nmap | nmap | 2.2:beta4 |
| nmap | nmap | 2.3:beta10 |
| nmap | nmap | 2.3:beta12 |
| nmap | nmap | 2.3:beta13 |
| nmap | nmap | 2.3:beta14 |
| nmap | nmap | 2.3:beta17 |
| nmap | nmap | 2.3:beta18 |
| nmap | nmap | 2.3:beta19 |
| nmap | nmap | 2.3:beta20 |
| nmap | nmap | 2.3:beta21 |
| nmap | nmap | 2.3:beta4 |
| nmap | nmap | 2.3:beta5 |
| nmap | nmap | 2.3:beta6 |
| nmap | nmap | 2.3:beta8 |
| nmap | nmap | 2.3:beta9 |
| nmap | nmap | 2.05 |
| nmap | nmap | 2.06 |
| nmap | nmap | 2.07 |
| nmap | nmap | 2.08 |
| nmap | nmap | 2.09 |
| nmap | nmap | 2.10 |
| nmap | nmap | 2.11 |
| nmap | nmap | 2.12 |
| nmap | nmap | 2.50 |
| nmap | nmap | 2.51 |
| nmap | nmap | 2.52 |
| nmap | nmap | 2.53 |
| nmap | nmap | 2.54:beta1 |
| nmap | nmap | 2.54:beta16 |
| nmap | nmap | 2.54:beta19 |
| nmap | nmap | 2.54:beta2 |
| nmap | nmap | 2.54:beta20 |
| nmap | nmap | 2.54:beta21 |
| nmap | nmap | 2.54:beta22 |
| nmap | nmap | 2.54:beta24 |
| nmap | nmap | 2.54:beta25 |
| nmap | nmap | 2.54:beta26 |
| nmap | nmap | 2.54:beta27 |
| nmap | nmap | 2.54:beta28 |
| nmap | nmap | 2.54:beta29 |
| nmap | nmap | 2.54:beta3 |
| nmap | nmap | 2.54:beta30 |
| nmap | nmap | 2.54:beta31 |
| nmap | nmap | 2.54:beta32 |
| nmap | nmap | 2.54:beta33 |
| nmap | nmap | 2.54:beta34 |
| nmap | nmap | 2.54:beta35 |
| nmap | nmap | 2.54:beta36 |
| nmap | nmap | 2.54:beta37 |
| nmap | nmap | 2.54:beta4 |
| nmap | nmap | 2.54:beta5 |
| nmap | nmap | 2.54:beta6 |
| nmap | nmap | 2.54:beta7 |
| nmap | nmap | 2.99:rc1 |
| nmap | nmap | 2.99:rc2 |
| nmap | nmap | 3.00 |
| nmap | nmap | 3.10:alpha1 |
| nmap | nmap | 3.10:alpha2 |
| nmap | nmap | 3.10:alpha3 |
| nmap | nmap | 3.10:alpha4 |
| nmap | nmap | 3.10:alpha5 |
| nmap | nmap | 3.10:alpha7 |
| nmap | nmap | 3.10:alpha9 |
| nmap | nmap | 3.15:beta1 |
| nmap | nmap | 3.15:beta2 |
| nmap | nmap | 3.15:beta3 |
| nmap | nmap | 3.20 |
| nmap | nmap | 3.25 |
| nmap | nmap | 3.26 |
| nmap | nmap | 3.27 |
| nmap | nmap | 3.28 |
| nmap | nmap | 3.30 |
| nmap | nmap | 3.40:pvt1 |
| nmap | nmap | 3.40:pvt10 |
| nmap | nmap | 3.40:pvt11 |
| nmap | nmap | 3.40:pvt12 |
| nmap | nmap | 3.40:pvt13 |
| nmap | nmap | 3.40:pvt14 |
| nmap | nmap | 3.40:pvt15 |
| nmap | nmap | 3.40:pvt16 |
| nmap | nmap | 3.40:pvt17 |
| nmap | nmap | 3.40:pvt2 |
| nmap | nmap | 3.40:pvt3 |
| nmap | nmap | 3.40:pvt4 |
| nmap | nmap | 3.40:pvt6 |
| nmap | nmap | 3.40:pvt7 |
| nmap | nmap | 3.40:pvt8 |
| nmap | nmap | 3.40:pvt9 |
| nmap | nmap | 3.45 |
| nmap | nmap | 3.48 |
| nmap | nmap | 3.50 |
| nmap | nmap | 3.55 |
| nmap | nmap | 3.70 |
| nmap | nmap | 3.75 |
| nmap | nmap | 3.81 |
| nmap | nmap | 3.90 |
| nmap | nmap | 3.91 |
| nmap | nmap | 3.93 |
| nmap | nmap | 3.94:alpha1 |
| nmap | nmap | 3.94:alpha2 |
| nmap | nmap | 3.94:alpha3 |
| nmap | nmap | 3.95 |
| nmap | nmap | 3.96:beta1 |
| nmap | nmap | 3.98:beta1 |
| nmap | nmap | 3.99 |
| nmap | nmap | 3.999 |
| nmap | nmap | 3.9999 |
| nmap | nmap | 4.00 |
| nmap | nmap | 4.01 |
| nmap | nmap | 4.02:alpha1 |
| nmap | nmap | 4.02:alpha2 |
| nmap | nmap | 4.03 |
| nmap | nmap | 4.04:beta1 |
| nmap | nmap | 4.10 |
| nmap | nmap | 4.11 |
| nmap | nmap | 4.20 |
| nmap | nmap | 4.20:alpha1 |
| nmap | nmap | 4.20:alpha10 |
| nmap | nmap | 4.20:alpha11 |
| nmap | nmap | 4.20:alpha2 |
| nmap | nmap | 4.20:alpha3 |
| nmap | nmap | 4.20:alpha4 |
| nmap | nmap | 4.20:alpha5 |
| nmap | nmap | 4.20:alpha6 |
| nmap | nmap | 4.20:alpha7 |
| nmap | nmap | 4.20:alpha8 |
| nmap | nmap | 4.20:alpha9 |
| nmap | nmap | 4.20:rc1 |
| nmap | nmap | 4.20:rc2 |
| nmap | nmap | 4.21:alpha1 |
| nmap | nmap | 4.21:alpha2 |
| nmap | nmap | 4.21:alpha3 |
| nmap | nmap | 4.21:alpha4 |
| nmap | nmap | 4.22:soc1 |
| nmap | nmap | 4.22:soc2 |
| nmap | nmap | 4.22:soc3 |
| nmap | nmap | 4.22:soc5 |
| nmap | nmap | 4.22:soc6 |
| nmap | nmap | 4.22:soc7 |
| nmap | nmap | 4.22:soc8 |
| nmap | nmap | 4.49:rc1 |
| nmap | nmap | 4.49:rc2 |
| nmap | nmap | 4.49:rc3 |
| nmap | nmap | 4.49:rc4 |
| nmap | nmap | 4.49:rc5 |
| nmap | nmap | 4.49:rc6 |
| nmap | nmap | 4.49:rc7 |
| nmap | nmap | 4.50 |
| nmap | nmap | 4.51:beta |
| nmap | nmap | 4.52 |
| nmap | nmap | 4.53 |
| nmap | nmap | 4.60 |
| nmap | nmap | 4.62 |
| nmap | nmap | 4.65 |
| nmap | nmap | 4.68 |
| nmap | nmap | 4.75 |
| nmap | nmap | 4.76 |
| nmap | nmap | 4.85:beta1 |
| nmap | nmap | 4.85:beta10 |
| nmap | nmap | 4.85:beta2 |
| nmap | nmap | 4.85:beta3 |
| nmap | nmap | 4.85:beta4 |
| nmap | nmap | 4.85:beta5 |
| nmap | nmap | 4.85:beta6 |
| nmap | nmap | 4.85:beta7 |
| nmap | nmap | 4.85:beta8 |
| nmap | nmap | 4.85:beta9 |
| nmap | nmap | 4.90:rc1 |
| nmap | nmap | 5.00 |
| nmap | nmap | 5.10:beta1 |
| nmap | nmap | 5.10:beta2 |
| nmap | nmap | 5.20 |
| nmap | nmap | 5.21 |
| nmap | nmap | 5.30:beta1 |
| nmap | nmap | 5.35:dc1 |
| nmap | nmap | 5.50 |
| nmap | nmap | 5.51 |
| nmap | nmap | 5.59:beta1 |
| nmap | nmap | 5.61:test1 |
| nmap | nmap | 5.61:test2 |
| nmap | nmap | 5.61:test4 |
| nmap | nmap | 5.61:test5 |
| nmap | nmap | 6.00 |
| nmap | nmap | 6.01 |
| nmap | nmap | 6.20:beta1 |
| opensuse | opensuse | 12.3 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
References