Vulnerability Description
The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nmap | Nmap | <= 6.25 |
| Opensuse | Opensuse | 12.3 |
References
- http://lists.opensuse.org/opensuse-updates/2013-10/msg00030.htmlVendor Advisory
- http://lists.opensuse.org/opensuse-updates/2013-10/msg00035.html
- http://nmap.org/changelog.html
- http://packetstormsecurity.com/files/122719/TWSL2013-025.txtExploit
- https://github.com/drk1wi/portspoof/commit/1791fe4e2b9e5b5c8e000551ab60a64a29d92ExploitPatch
- https://www.trustwave.com/spiderlabs/advisories/TWSL2013-025.txtExploit
- http://lists.opensuse.org/opensuse-updates/2013-10/msg00030.htmlVendor Advisory
- http://lists.opensuse.org/opensuse-updates/2013-10/msg00035.html
- http://nmap.org/changelog.html
- http://packetstormsecurity.com/files/122719/TWSL2013-025.txtExploit
- https://github.com/drk1wi/portspoof/commit/1791fe4e2b9e5b5c8e000551ab60a64a29d92ExploitPatch
- https://www.trustwave.com/spiderlabs/advisories/TWSL2013-025.txtExploit
FAQ
What is CVE-2013-4885?
CVE-2013-4885 is a vulnerability with a CVSS score of 6.8 (MEDIUM). The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in a...
How severe is CVE-2013-4885?
CVE-2013-4885 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-4885?
Check the references section above for vendor advisories and patch information. Affected products include: Nmap Nmap, Opensuse Opensuse.