Vulnerabilites related to nmap - nmap
Vulnerability from fkie_nvd
Published
2018-04-18 19:29
Modified
2024-11-21 03:39
Severity ?
Summary
nmap version 6.49BETA6 through 7.60, up to and including SVN revision 37147 contains a Directory Traversal vulnerability in NSE script http-fetch that can result in file overwrite as the user is running it. This attack appears to be exploitable via a victim that runs NSE script http-fetch against a malicious web site. This vulnerability appears to have been fixed in 7.7.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://nmap.org/changelog.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nmap.org/changelog.html | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nmap:nmap:6.49:beta6:*:*:*:*:*:*",
"matchCriteriaId": "87A2B5F1-2033-411C-83E3-4EDEC00E289B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:7.00:*:*:*:*:*:*:*",
"matchCriteriaId": "EE253986-A47A-4D92-83B1-5014A2208D22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:7.01:*:*:*:*:*:*:*",
"matchCriteriaId": "B2EB4EC8-8270-4675-9514-AF3668419D09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1E553C8B-8EBD-4846-A7A1-2454DD57601C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7A6DBD-F0F2-4205-9B98-E25809A6E87E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:7.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4D560418-318D-4855-BA20-85D1B6562F3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:7.25:beta1:*:*:*:*:*:*",
"matchCriteriaId": "2BBB311A-7E25-4AE3-833D-C1FEA784A91C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:7.25:beta2:*:*:*:*:*:*",
"matchCriteriaId": "ADF8E1F6-BE1C-4601-A6CF-4D5582C6C6AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "FB1A26D7-A223-45F3-A9D5-42C08324B966",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:7.31:*:*:*:*:*:*:*",
"matchCriteriaId": "ABABCD73-B714-4970-8EAA-FF2AB3A225DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F8F8C0C9-00B8-4BA9-BA8B-D0FB7A775350",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "A5F4345A-DF4F-4E1A-A313-B285D53981C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:7.60:*:*:*:*:*:*:*",
"matchCriteriaId": "10541C69-BE34-4F2F-8261-9C4D7FB0CAED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "nmap version 6.49BETA6 through 7.60, up to and including SVN revision 37147 contains a Directory Traversal vulnerability in NSE script http-fetch that can result in file overwrite as the user is running it. This attack appears to be exploitable via a victim that runs NSE script http-fetch against a malicious web site. This vulnerability appears to have been fixed in 7.7."
},
{
"lang": "es",
"value": "nmap, de la versi\u00f3n 6.49BETA6 hasta la 7.60, hasta e incluyendo la revisi\u00f3n SVN 37147, contiene una vulnerabilidad de salto de directorio de salto de directorio en el script NSE http-fetch que puede resultar en la sobrescritura de archivos seg\u00fan el usuario lo ejecuta. Este ataque parece ser explotable mediante una v\u00edctima que ejecuta el script NSE http-fetch contra un sitio web malicioso. La vulnerabilidad parece haber sido solucionada en la versi\u00f3n 7.7."
}
],
"id": "CVE-2018-1000161",
"lastModified": "2024-11-21T03:39:49.383",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-18T19:29:00.503",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://nmap.org/changelog.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://nmap.org/changelog.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-08-08 00:29
Modified
2024-11-21 03:50
Severity ?
Summary
Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted TCP-based service.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nmap:nmap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29FFFC82-6A5C-47E0-9545-1458A846824B",
"versionEndIncluding": "7.70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted TCP-based service."
},
{
"lang": "es",
"value": "Nmap hasta la versi\u00f3n 7.70, cuando se emplea la opci\u00f3n -sV, permite que atacantes remotos provoquen una denegaci\u00f3n de servicio (consumo de pila y cierre inesperado de la aplicaci\u00f3n) mediante un servicio manipulado basado en TCP."
}
],
"id": "CVE-2018-15173",
"lastModified": "2024-11-21T03:50:27.377",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-08-08T00:29:01.677",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://code610.blogspot.com/2018/07/crashing-nmap-760.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://code610.blogspot.com/2018/07/crashing-nmap-770.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00067.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00073.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00075.html"
},
{
"source": "cve@mitre.org",
"url": "https://security.netapp.com/advisory/ntap-20200827-0004/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://code610.blogspot.com/2018/07/crashing-nmap-760.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://code610.blogspot.com/2018/07/crashing-nmap-770.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00067.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00073.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00075.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20200827-0004/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-08-29 00:15
Modified
2024-11-21 03:20
Severity ?
Summary
nse_libssh2.cc in Nmap 7.70 is subject to a denial of service condition due to a double free when an SSH connection fails, as demonstrated by a leading \n character to ssh-brute.nse or ssh-auth-methods.nse.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nmap:nmap:7.70:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2B2815-27CD-4A22-9394-332073CF9970",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "nse_libssh2.cc in Nmap 7.70 is subject to a denial of service condition due to a double free when an SSH connection fails, as demonstrated by a leading \\n character to ssh-brute.nse or ssh-auth-methods.nse."
},
{
"lang": "es",
"value": "nse_libssh2.cc en Nmap 7.70 est\u00e1 sujeto a una condici\u00f3n de denegaci\u00f3n de servicio debido a una doble liberaci\u00f3n cuando se produce un error en una conexi\u00f3n SSH, como lo demuestra un car\u00e1cter principal de .n a ssh-brute.nse o ssh-auth-methods.nse."
}
],
"id": "CVE-2017-18594",
"lastModified": "2024-11-21T03:20:28.903",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-29T00:15:10.467",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00073.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00075.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/AMatchandaHaystack/Research/blob/master/Nmap%26libsshDF"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/nmap/nmap/commit/350bbe0597d37ad67abe5fef8fba984707b4e9ad"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/nmap/nmap/issues/1077"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/nmap/nmap/issues/1227"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/nmap-announce/2019/0"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/nmap-dev/2018/q2/45"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00073.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00075.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/AMatchandaHaystack/Research/blob/master/Nmap%26libsshDF"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/nmap/nmap/commit/350bbe0597d37ad67abe5fef8fba984707b4e9ad"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/nmap/nmap/issues/1077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/nmap/nmap/issues/1227"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/nmap-announce/2019/0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/nmap-dev/2018/q2/45"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-415"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-26 17:55
Modified
2024-11-21 01:56
Severity ?
Summary
The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nmap:nmap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB1B0264-5156-41A6-A35B-05740742657C",
"versionEndIncluding": "6.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.1:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E7063468-EC86-461D-926C-810D53979AB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.2:beta2:*:*:*:*:*:*",
"matchCriteriaId": "F7AA0DAB-6979-4975-9D0C-4C56737AADE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.2:beta3:*:*:*:*:*:*",
"matchCriteriaId": "F8734E45-0122-4BC5-B6A8-875D5FB5B7E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.2:beta4:*:*:*:*:*:*",
"matchCriteriaId": "421469E9-DBC0-4C7C-A466-A79CFBDE86C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.3:beta10:*:*:*:*:*:*",
"matchCriteriaId": "5FADE3B5-6F91-40C7-9DA4-2101017336AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.3:beta12:*:*:*:*:*:*",
"matchCriteriaId": "48C10B80-3619-4946-93C7-BE9DFC13AAA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.3:beta13:*:*:*:*:*:*",
"matchCriteriaId": "9299A0E0-21C7-4B94-9614-5733A9A09C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.3:beta14:*:*:*:*:*:*",
"matchCriteriaId": "CA2F505C-09CA-458C-9A52-B9D05AD886BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.3:beta17:*:*:*:*:*:*",
"matchCriteriaId": "FBA846FD-777A-431B-9BFF-370015AEA372",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.3:beta18:*:*:*:*:*:*",
"matchCriteriaId": "C90A0358-2561-46DA-A7BE-878979F31E08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.3:beta19:*:*:*:*:*:*",
"matchCriteriaId": "9D3BF30F-DDD9-44D7-8941-CD635F8ADD89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.3:beta20:*:*:*:*:*:*",
"matchCriteriaId": "59EAB8EF-B09C-413C-BA8F-6D8EC07FCA37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.3:beta21:*:*:*:*:*:*",
"matchCriteriaId": "2E8264EC-283F-466F-846E-BC8111762062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.3:beta4:*:*:*:*:*:*",
"matchCriteriaId": "D9AA26A1-782C-4FE4-8A12-31A63B1B3267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.3:beta5:*:*:*:*:*:*",
"matchCriteriaId": "9085DDAC-F299-4612-877F-9975ED8B25DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.3:beta6:*:*:*:*:*:*",
"matchCriteriaId": "3EB2F4D3-D0F9-4D21-9E62-D0F19CBABA56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.3:beta8:*:*:*:*:*:*",
"matchCriteriaId": "CD8CB30C-7DA5-472E-B7BC-E4ABCB5DE3D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.3:beta9:*:*:*:*:*:*",
"matchCriteriaId": "D5B24F01-0459-49EB-A4CD-B1570F2537C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.05:*:*:*:*:*:*:*",
"matchCriteriaId": "EC95FFAE-382D-45A6-9F15-D558FA9F9915",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.06:*:*:*:*:*:*:*",
"matchCriteriaId": "4ACE9774-0280-4113-A133-AFF4E1CB87F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.07:*:*:*:*:*:*:*",
"matchCriteriaId": "30C6DB26-A09A-4F43-A7AC-198FBB20CDCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "F536CB59-5EC0-47C0-929E-553843F23226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.09:*:*:*:*:*:*:*",
"matchCriteriaId": "251DBBF9-4DE6-49CB-81F6-FF4A193C98AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3336E6C8-F23B-4750-919B-AA64FFC73F63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "DD882D17-B8DD-4718-8979-BA6BB8B24B12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "51C656AD-F6F0-49D0-8B2C-A98A4BE9F1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.50:*:*:*:*:*:*:*",
"matchCriteriaId": "3B64171F-4E9B-462A-AE4C-2CBC0CBA916E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.51:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F3816E-5080-491A-A873-9C322E7808C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.52:*:*:*:*:*:*:*",
"matchCriteriaId": "35616F8C-8401-478F-A74D-C8450806B7D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.53:*:*:*:*:*:*:*",
"matchCriteriaId": "757427E6-3E7E-4E5F-9D76-BB8F8ED7F4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta1:*:*:*:*:*:*",
"matchCriteriaId": "557D4542-AF34-4448-81AB-8FA3BA774F7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta16:*:*:*:*:*:*",
"matchCriteriaId": "DA2FB3F3-41E4-46DD-A348-03053FC2A8C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta19:*:*:*:*:*:*",
"matchCriteriaId": "1EA7B350-414C-4636-AA68-088D2F0074CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta2:*:*:*:*:*:*",
"matchCriteriaId": "DBD712B3-8D20-4978-BADD-7EB742C4A177",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta20:*:*:*:*:*:*",
"matchCriteriaId": "1390AC75-849C-47A7-9058-7552A8E1C1DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta21:*:*:*:*:*:*",
"matchCriteriaId": "82120544-CB53-481B-84FE-78A2644A4E4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta22:*:*:*:*:*:*",
"matchCriteriaId": "0D5B5B7D-5F48-4292-8364-D796D3DFD48C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta24:*:*:*:*:*:*",
"matchCriteriaId": "23407161-DB81-47A9-A852-0615CBFACE51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta25:*:*:*:*:*:*",
"matchCriteriaId": "FE8D0BD7-9215-40B0-87F8-082D2BA882E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta26:*:*:*:*:*:*",
"matchCriteriaId": "1575A956-C4AE-4FEE-878A-47B80E00A039",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta27:*:*:*:*:*:*",
"matchCriteriaId": "BD3914AC-4D09-4D8C-89FC-028AD956EC60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta28:*:*:*:*:*:*",
"matchCriteriaId": "7DEA9986-9274-4F80-A1EF-B934E196F359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta29:*:*:*:*:*:*",
"matchCriteriaId": "3DD8383E-9A97-4C7E-A4A7-DF898411D7A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta3:*:*:*:*:*:*",
"matchCriteriaId": "635BF98C-CEF9-45D4-B2A8-5F8C448121F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta30:*:*:*:*:*:*",
"matchCriteriaId": "526573F4-84C0-4F68-B489-B8C4D45DD773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta31:*:*:*:*:*:*",
"matchCriteriaId": "057DFE41-ACCC-4CAA-8011-B08A693328A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta32:*:*:*:*:*:*",
"matchCriteriaId": "9EAA36AB-730F-4FC2-8EAE-F88B2E0D223E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta33:*:*:*:*:*:*",
"matchCriteriaId": "09F9ABC4-C917-4792-966F-1887ACBC24E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta34:*:*:*:*:*:*",
"matchCriteriaId": "868162FF-A4D9-4B01-9887-66C524A61AE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta35:*:*:*:*:*:*",
"matchCriteriaId": "BA8DAF99-DAC4-4318-89B7-B286E4750E9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta36:*:*:*:*:*:*",
"matchCriteriaId": "02EAC95D-DB13-4EBC-BF7F-DABCD6E2050C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta37:*:*:*:*:*:*",
"matchCriteriaId": "42C89033-5F05-4A4F-B071-BBF585DA3420",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta4:*:*:*:*:*:*",
"matchCriteriaId": "34A70CE2-03DB-4A9A-B8C9-AF54BA1501F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta5:*:*:*:*:*:*",
"matchCriteriaId": "8E6EFD25-11BA-4A96-9B65-45BEDB89F205",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta6:*:*:*:*:*:*",
"matchCriteriaId": "096A8CBA-5D67-4188-B927-C3F5F4408149",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.54:beta7:*:*:*:*:*:*",
"matchCriteriaId": "9F7E447B-0AED-4C23-8CD1-8B39AAF2E462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.99:rc1:*:*:*:*:*:*",
"matchCriteriaId": "13CB37D0-DBC4-4176-810B-1DC3A1E8A4C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:2.99:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4898AA81-C7F1-4DC7-998E-D4F4EDABD43B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "861A8B34-FB89-44A5-8F7B-F835388E88B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.10:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "55D2AE06-79EC-45A0-B83D-D7EFFB6EF98E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.10:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "79B09DD4-A4A7-498F-B1A2-AB50A531F25D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.10:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "A5581E76-D439-4067-B7D0-868B35497B34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.10:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "FE39B4CB-D6F4-4F64-8439-AF11E5C872FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.10:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "5C73107D-54ED-4723-89D4-759399238BAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.10:alpha7:*:*:*:*:*:*",
"matchCriteriaId": "16543FC8-B008-47F5-B970-A5E2E106EC8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.10:alpha9:*:*:*:*:*:*",
"matchCriteriaId": "EC11DA73-9DDB-47F5-90ED-026B7B4D8CA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.15:beta1:*:*:*:*:*:*",
"matchCriteriaId": "BDBA2F9B-8845-47ED-9069-C76C487ABF06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.15:beta2:*:*:*:*:*:*",
"matchCriteriaId": "320E991D-440F-43EB-B143-43D3327B94D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.15:beta3:*:*:*:*:*:*",
"matchCriteriaId": "67AFC2BE-8C81-4C56-89B0-2C30EA3CFD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "5646D213-4508-4964-9038-1F410E2978DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.25:*:*:*:*:*:*:*",
"matchCriteriaId": "F75F8DF4-FB77-4D1E-AF21-D034C5420C33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.26:*:*:*:*:*:*:*",
"matchCriteriaId": "AA08E13C-D354-4254-886B-699BE4A8D303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.27:*:*:*:*:*:*:*",
"matchCriteriaId": "36FBCF0F-8CEE-474C-8A04-5075AF53FAF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.28:*:*:*:*:*:*:*",
"matchCriteriaId": "20854C2A-509D-48F0-8292-E0F449D82685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.30:*:*:*:*:*:*:*",
"matchCriteriaId": "CF73C7A1-21D2-4606-8BCF-950EFD5B2FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.40:pvt1:*:*:*:*:*:*",
"matchCriteriaId": "6D2C3D0A-EFA7-4180-BCEC-DC3CF66EF090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.40:pvt10:*:*:*:*:*:*",
"matchCriteriaId": "9EB08013-05AA-4098-B40E-8CAB3D2F929D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.40:pvt11:*:*:*:*:*:*",
"matchCriteriaId": "00B3AFB1-C124-4CC9-A9E2-58611627E1B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.40:pvt12:*:*:*:*:*:*",
"matchCriteriaId": "FDA3CA70-5B47-43AA-833F-28B2E6E19D17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.40:pvt13:*:*:*:*:*:*",
"matchCriteriaId": "60048C77-A08C-4903-A6C4-2FFDC911A174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.40:pvt14:*:*:*:*:*:*",
"matchCriteriaId": "C3F85821-223D-46A8-BB81-60B2D90EC46A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.40:pvt15:*:*:*:*:*:*",
"matchCriteriaId": "E8772CB8-0B55-4502-AECE-0C5454114200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.40:pvt16:*:*:*:*:*:*",
"matchCriteriaId": "D88CC39D-CB20-40BE-B92E-E1AE8883292D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.40:pvt17:*:*:*:*:*:*",
"matchCriteriaId": "AFB62F56-94FC-40B3-85DB-7D6892381DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.40:pvt2:*:*:*:*:*:*",
"matchCriteriaId": "295D4CC8-D4F7-406A-B6E5-AE3F82B81821",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.40:pvt3:*:*:*:*:*:*",
"matchCriteriaId": "2A3A57D5-3770-4666-B59F-943824E01E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.40:pvt4:*:*:*:*:*:*",
"matchCriteriaId": "67F58486-6D1F-4F12-A0BD-572EFECE50E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.40:pvt6:*:*:*:*:*:*",
"matchCriteriaId": "F50128D6-F00C-4414-9810-3B93D9DEF52E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.40:pvt7:*:*:*:*:*:*",
"matchCriteriaId": "6BC62705-61FA-4DB4-9F95-5092FA4F26B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.40:pvt8:*:*:*:*:*:*",
"matchCriteriaId": "1AAF3E21-F128-43FA-81AA-3CA9661C910F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.40:pvt9:*:*:*:*:*:*",
"matchCriteriaId": "C2CE5176-9A4B-4923-BA0A-C2D62319B006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.45:*:*:*:*:*:*:*",
"matchCriteriaId": "B5281C6C-B8C0-4100-B6B7-F86364DC3CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.48:*:*:*:*:*:*:*",
"matchCriteriaId": "A5678424-1E95-43DC-9538-C29BA2579E86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.50:*:*:*:*:*:*:*",
"matchCriteriaId": "6A2A496F-200D-47C9-86FD-7F4D957E3F36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.55:*:*:*:*:*:*:*",
"matchCriteriaId": "37AA0103-683D-465C-B2AC-EC024E733228",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.70:*:*:*:*:*:*:*",
"matchCriteriaId": "304910C1-B02E-4359-8CBD-B8E7D1057F10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.75:*:*:*:*:*:*:*",
"matchCriteriaId": "F7199A3C-812C-4B80-A8F1-BA7112E651FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.81:*:*:*:*:*:*:*",
"matchCriteriaId": "3748A8B5-83E1-4030-B30B-7C65F2D27EDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.90:*:*:*:*:*:*:*",
"matchCriteriaId": "66F62F45-B3FC-4697-BCE1-F56F5EAF040F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.91:*:*:*:*:*:*:*",
"matchCriteriaId": "26144820-505A-4D98-8716-2D9D96E079E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.93:*:*:*:*:*:*:*",
"matchCriteriaId": "365D3746-E367-45A4-BA13-9E74DF350C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.94:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "74C30398-70DD-4C7C-883E-4C30C455FEF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.94:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "D9884C7B-3F57-496E-A18C-C066D7D2C2D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.94:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "015B75BA-C198-40CE-81B4-B4FFD272D549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.95:*:*:*:*:*:*:*",
"matchCriteriaId": "5B1BA633-8F1F-4973-8C76-C3A27A8B2DD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.96:beta1:*:*:*:*:*:*",
"matchCriteriaId": "EAA387E6-5624-4AB3-9787-0C8B8125C3BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.98:beta1:*:*:*:*:*:*",
"matchCriteriaId": "C90E1FEA-3B21-4786-A662-4EC873551638",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.99:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7B68E7-7615-4F52-A46B-3AE854DB21C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.999:*:*:*:*:*:*:*",
"matchCriteriaId": "041B0CEB-B0D8-4199-B6F2-E898904F6111",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:3.9999:*:*:*:*:*:*:*",
"matchCriteriaId": "66AF5C8C-CCB9-4156-8878-9864C91B7450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.00:*:*:*:*:*:*:*",
"matchCriteriaId": "DCE259F4-96FA-47BD-ABE3-CAB3B1358BAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.01:*:*:*:*:*:*:*",
"matchCriteriaId": "7BDDFDB9-074C-4337-84FD-2F74CBE39ABD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.02:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "2FE27593-831B-423F-8490-9166A172095C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.02:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "0BF750F0-A20E-46D7-91C5-37CE0E86FAA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.03:*:*:*:*:*:*:*",
"matchCriteriaId": "886E14D8-74F9-4E9E-B90B-5D7D94781AB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.04:beta1:*:*:*:*:*:*",
"matchCriteriaId": "C48F36F2-FC6E-48FD-BBE9-69C95C2D8885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "60429C70-4D4E-4B1F-8646-2B68EA732BDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EA03162D-6094-4E63-9DD7-4E257921063E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C48569-7083-4F9A-A5DD-9BB828CF3D4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.20:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "E6C44146-B443-4903-B5F9-31290B00989D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.20:alpha10:*:*:*:*:*:*",
"matchCriteriaId": "9B11FA0A-9F41-4A01-BD4A-51BF3806442E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.20:alpha11:*:*:*:*:*:*",
"matchCriteriaId": "B96BCBA3-4DD6-4057-BF5E-6BCB3EB21771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.20:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "3321D2A3-1967-4839-B1E3-22CF8B54411D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.20:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "DCDE86B0-C70C-46EB-B989-FE97B6FF8D8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.20:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "9AC2AE33-CAB8-4508-ADBD-DBDD9C6FCAB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.20:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "EFCA060C-33A1-42FA-9A95-ED41F343B054",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.20:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "25FA5768-DD8F-4001-832E-FC09FAC75922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.20:alpha7:*:*:*:*:*:*",
"matchCriteriaId": "11CC2366-AF9C-4629-B932-826977B5AE9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.20:alpha8:*:*:*:*:*:*",
"matchCriteriaId": "3A328954-3F31-41E4-A2D3-8851BD1C7C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.20:alpha9:*:*:*:*:*:*",
"matchCriteriaId": "2AE80B22-274D-4798-9D02-A19566F0ADCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.20:rc1:*:*:*:*:*:*",
"matchCriteriaId": "2F999815-120E-472D-809D-3ABA603E669F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.20:rc2:*:*:*:*:*:*",
"matchCriteriaId": "C9899DEB-B3AC-447B-9EB5-4E0F6A35A3D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.21:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "6944E30C-62F2-4CCF-880E-3C8B133D5D72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.21:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "95CBEC8D-F59C-4680-BEA4-0F3D073C8187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.21:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "AD688C08-6CC5-4E2A-BBBC-06153A383FB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.21:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "E8E6B462-33D6-43A0-9C2D-9FCA12E9ED05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.22:soc1:*:*:*:*:*:*",
"matchCriteriaId": "74E4CB7F-8EBB-4C30-996D-6796BFD02597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.22:soc2:*:*:*:*:*:*",
"matchCriteriaId": "18C2F93C-F870-4DFA-ABA1-160ED8623865",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.22:soc3:*:*:*:*:*:*",
"matchCriteriaId": "72F779D3-FA5A-4F13-B346-6F1A1884F3DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.22:soc5:*:*:*:*:*:*",
"matchCriteriaId": "8A256DCF-5512-4B48-BA3E-D1F8B8E0AA77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.22:soc6:*:*:*:*:*:*",
"matchCriteriaId": "891A3278-80C3-4947-8759-1D8F14B7FDBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.22:soc7:*:*:*:*:*:*",
"matchCriteriaId": "1A12EB96-042E-43D0-810B-1CD748D0DC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.22:soc8:*:*:*:*:*:*",
"matchCriteriaId": "97C0F3CC-BADB-4C45-B9E9-D85C372F3688",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.49:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CB52E446-B875-418E-A773-2538A4CFBE2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.49:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A598BA3B-337C-4A93-91D3-53C50F5F5B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.49:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0BDD1C26-2DB1-4F12-BF9D-972CD386334B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.49:rc4:*:*:*:*:*:*",
"matchCriteriaId": "BE1B258A-D30F-48BA-92AD-16C2339FC6A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.49:rc5:*:*:*:*:*:*",
"matchCriteriaId": "9FC49E64-BA10-488A-9D80-A21A51AE8D6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.49:rc6:*:*:*:*:*:*",
"matchCriteriaId": "F3AFF051-239C-48B0-BE7B-0FCBCBC6CFDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.49:rc7:*:*:*:*:*:*",
"matchCriteriaId": "B4F3A040-2CD7-4016-B843-3B7C5BA69199",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.50:*:*:*:*:*:*:*",
"matchCriteriaId": "A798876A-D615-4E6B-8996-EABECB9DB5A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.51:beta:*:*:*:*:*:*",
"matchCriteriaId": "CFD43365-53FD-476B-AB12-F2D29AFBB77B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.52:*:*:*:*:*:*:*",
"matchCriteriaId": "EC13276F-E4BE-484F-8584-93675907E5F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.53:*:*:*:*:*:*:*",
"matchCriteriaId": "28C18606-9572-4DDB-8E07-13D86976DF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "2F58EA75-AB1B-4416-BFBA-99BBB3DBF77A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.62:*:*:*:*:*:*:*",
"matchCriteriaId": "31EEE645-4B18-4392-8ECA-E341637CAEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.65:*:*:*:*:*:*:*",
"matchCriteriaId": "9BCA2BDE-6C97-4721-A4FA-492C311EEEEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.68:*:*:*:*:*:*:*",
"matchCriteriaId": "6902C5C7-D711-4B87-B7CA-7BA7DB406965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.75:*:*:*:*:*:*:*",
"matchCriteriaId": "75901602-D54F-41BB-AE2D-3C6BDDE52B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.76:*:*:*:*:*:*:*",
"matchCriteriaId": "5052058F-4F20-4DF1-B755-05F0E0BFB6D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.85:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B7366B60-E8CC-49B6-80E5-689CE27BD259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.85:beta10:*:*:*:*:*:*",
"matchCriteriaId": "C5EF2C23-E871-4BF5-BCBA-B4DA1E874401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.85:beta2:*:*:*:*:*:*",
"matchCriteriaId": "548AF641-E463-427E-8079-89A2BC4638B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.85:beta3:*:*:*:*:*:*",
"matchCriteriaId": "FF10FA71-AFA4-40B2-9DA9-FF10C0AD2995",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.85:beta4:*:*:*:*:*:*",
"matchCriteriaId": "3F6F0326-008E-49C7-9485-0A2FD8550A63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.85:beta5:*:*:*:*:*:*",
"matchCriteriaId": "F3D830E8-8714-441F-8488-C94268BCC6C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.85:beta6:*:*:*:*:*:*",
"matchCriteriaId": "972EAA2C-C33E-42BD-820C-66FECC536423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.85:beta7:*:*:*:*:*:*",
"matchCriteriaId": "7F62B2B7-0C04-45BE-806F-E8AACBBD4A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.85:beta8:*:*:*:*:*:*",
"matchCriteriaId": "6E31F9CF-56D4-413E-A7CC-46B0AA8D8D6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.85:beta9:*:*:*:*:*:*",
"matchCriteriaId": "ED625C1D-C31D-4052-966E-9D3CDDDA3E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:4.90:rc1:*:*:*:*:*:*",
"matchCriteriaId": "BB56CAE5-1ABF-4AE0-8F64-CD31BD1B76B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:5.00:*:*:*:*:*:*:*",
"matchCriteriaId": "CE5E2602-2E22-42F0-B46F-9B83A2B5855C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:5.10:beta1:*:*:*:*:*:*",
"matchCriteriaId": "50FE33A5-A61C-478C-883A-51BCC8B72FF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:5.10:beta2:*:*:*:*:*:*",
"matchCriteriaId": "2E03027A-3FC0-483B-B5F5-93C699B3C107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:5.20:*:*:*:*:*:*:*",
"matchCriteriaId": "3B82CEEB-B9B7-4BE0-A44A-7FD43F5EE155",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "571FE113-ED11-4B5C-8B70-243B10B51673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:5.30:beta1:*:*:*:*:*:*",
"matchCriteriaId": "82E5C500-097B-44DF-8F4A-12A65695B83A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:5.35:dc1:*:*:*:*:*:*",
"matchCriteriaId": "8D964088-54FE-4E27-927E-ECA3270DB923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:5.50:*:*:*:*:*:*:*",
"matchCriteriaId": "1A797D95-63FC-4EA2-8371-8FA7CB68C73F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:5.51:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CAB653-9A32-40CF-9214-42611246CA74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:5.59:beta1:*:*:*:*:*:*",
"matchCriteriaId": "472B703A-4D6D-41EE-B07D-CA49F7A9A34C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:5.61:test1:*:*:*:*:*:*",
"matchCriteriaId": "ED70CB2C-2265-4C74-8D5C-7134BE81B12C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:5.61:test2:*:*:*:*:*:*",
"matchCriteriaId": "80201AA2-1967-4288-98AC-CADB24A20718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:5.61:test4:*:*:*:*:*:*",
"matchCriteriaId": "0A682821-BCDB-4BC8-A33B-ADD61DE8F431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:5.61:test5:*:*:*:*:*:*",
"matchCriteriaId": "370F39A2-7A3F-41B9-98DE-73E8015D0934",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:6.00:*:*:*:*:*:*:*",
"matchCriteriaId": "4354E70E-364E-4B65-BACC-6325F9EDF682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:6.01:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD0FD49-358A-40B6-80C3-DA9DC1A8D155",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nmap:nmap:6.20:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B9324319-32C6-4C28-96A2-B67B2DAC7E70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload \"arbitrarily named\" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences."
},
{
"lang": "es",
"value": "El script http-domino-enum-passwords.nse en NMap anterior a la versi\u00f3n 6.40, cuando se establece domino-enum-passwords.idpath, permite a atacantes remotos subir archivos arbitrariamente nombrados a trav\u00e9s de un par\u00e1metro FullName en la respuesta, como se demuestra usando secuencias de salto de directorio."
}
],
"evaluatorComment": "CWE-434: Unrestricted Upload of File with Dangerous Type per http://cwe.mitre.org/data/definitions/434.html",
"id": "CVE-2013-4885",
"lastModified": "2024-11-21T01:56:38.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-26T17:55:03.387",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00030.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00035.html"
},
{
"source": "cve@mitre.org",
"url": "http://nmap.org/changelog.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/122719/TWSL2013-025.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "https://github.com/drk1wi/portspoof/commit/1791fe4e2b9e5b5c8e000551ab60a64a29d924c3"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2013-025.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00035.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://nmap.org/changelog.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/122719/TWSL2013-025.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://github.com/drk1wi/portspoof/commit/1791fe4e2b9e5b5c8e000551ab60a64a29d924c3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2013-025.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2013-4885
Vulnerability from cvelistv5
Published
2013-10-26 17:00
Modified
2024-08-06 16:59
Severity ?
EPSS score ?
Summary
The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.trustwave.com/spiderlabs/advisories/TWSL2013-025.txt | x_refsource_MISC | |
| http://lists.opensuse.org/opensuse-updates/2013-10/msg00030.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-updates/2013-10/msg00035.html | vendor-advisory, x_refsource_SUSE | |
| http://packetstormsecurity.com/files/122719/TWSL2013-025.txt | x_refsource_MISC | |
| http://nmap.org/changelog.html | x_refsource_CONFIRM | |
| https://github.com/drk1wi/portspoof/commit/1791fe4e2b9e5b5c8e000551ab60a64a29d924c3 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:40.513Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2013-025.txt"
},
{
"name": "openSUSE-SU-2013:1561",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00030.html"
},
{
"name": "openSUSE-SU-2013:1579",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00035.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/122719/TWSL2013-025.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://nmap.org/changelog.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/drk1wi/portspoof/commit/1791fe4e2b9e5b5c8e000551ab60a64a29d924c3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload \"arbitrarily named\" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-12-01T17:26:34",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2013-025.txt"
},
{
"name": "openSUSE-SU-2013:1561",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00030.html"
},
{
"name": "openSUSE-SU-2013:1579",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00035.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/122719/TWSL2013-025.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://nmap.org/changelog.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/drk1wi/portspoof/commit/1791fe4e2b9e5b5c8e000551ab60a64a29d924c3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4885",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload \"arbitrarily named\" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.trustwave.com/spiderlabs/advisories/TWSL2013-025.txt",
"refsource": "MISC",
"url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2013-025.txt"
},
{
"name": "openSUSE-SU-2013:1561",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00030.html"
},
{
"name": "openSUSE-SU-2013:1579",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00035.html"
},
{
"name": "http://packetstormsecurity.com/files/122719/TWSL2013-025.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/122719/TWSL2013-025.txt"
},
{
"name": "http://nmap.org/changelog.html",
"refsource": "CONFIRM",
"url": "http://nmap.org/changelog.html"
},
{
"name": "https://github.com/drk1wi/portspoof/commit/1791fe4e2b9e5b5c8e000551ab60a64a29d924c3",
"refsource": "MISC",
"url": "https://github.com/drk1wi/portspoof/commit/1791fe4e2b9e5b5c8e000551ab60a64a29d924c3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4885",
"datePublished": "2013-10-26T17:00:00",
"dateReserved": "2013-07-22T00:00:00",
"dateUpdated": "2024-08-06T16:59:40.513Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-15173
Vulnerability from cvelistv5
Published
2018-08-08 00:00
Modified
2024-08-05 09:46
Severity ?
EPSS score ?
Summary
Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted TCP-based service.
References
| ▼ | URL | Tags |
|---|---|---|
| http://code610.blogspot.com/2018/07/crashing-nmap-770.html | x_refsource_MISC | |
| http://code610.blogspot.com/2018/07/crashing-nmap-760.html | x_refsource_MISC | |
| http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00067.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00073.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00075.html | vendor-advisory, x_refsource_SUSE | |
| https://security.netapp.com/advisory/ntap-20200827-0004/ | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:46:25.504Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://code610.blogspot.com/2018/07/crashing-nmap-770.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://code610.blogspot.com/2018/07/crashing-nmap-760.html"
},
{
"name": "openSUSE-SU-2019:1462",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00067.html"
},
{
"name": "openSUSE-SU-2019:2198",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00073.html"
},
{
"name": "openSUSE-SU-2019:2200",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00075.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200827-0004/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted TCP-based service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-27T10:06:21",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://code610.blogspot.com/2018/07/crashing-nmap-770.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://code610.blogspot.com/2018/07/crashing-nmap-760.html"
},
{
"name": "openSUSE-SU-2019:1462",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00067.html"
},
{
"name": "openSUSE-SU-2019:2198",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00073.html"
},
{
"name": "openSUSE-SU-2019:2200",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00075.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200827-0004/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15173",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted TCP-based service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://code610.blogspot.com/2018/07/crashing-nmap-770.html",
"refsource": "MISC",
"url": "http://code610.blogspot.com/2018/07/crashing-nmap-770.html"
},
{
"name": "http://code610.blogspot.com/2018/07/crashing-nmap-760.html",
"refsource": "MISC",
"url": "http://code610.blogspot.com/2018/07/crashing-nmap-760.html"
},
{
"name": "openSUSE-SU-2019:1462",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00067.html"
},
{
"name": "openSUSE-SU-2019:2198",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00073.html"
},
{
"name": "openSUSE-SU-2019:2200",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00075.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200827-0004/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200827-0004/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-15173",
"datePublished": "2018-08-08T00:00:00",
"dateReserved": "2018-08-07T00:00:00",
"dateUpdated": "2024-08-05T09:46:25.504Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-1000161
Vulnerability from cvelistv5
Published
2018-04-18 19:00
Modified
2024-08-05 12:33
Severity ?
EPSS score ?
Summary
nmap version 6.49BETA6 through 7.60, up to and including SVN revision 37147 contains a Directory Traversal vulnerability in NSE script http-fetch that can result in file overwrite as the user is running it. This attack appears to be exploitable via a victim that runs NSE script http-fetch against a malicious web site. This vulnerability appears to have been fixed in 7.7.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nmap.org/changelog.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:33:49.471Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://nmap.org/changelog.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"dateAssigned": "2018-04-06T00:00:00",
"datePublic": "2018-04-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "nmap version 6.49BETA6 through 7.60, up to and including SVN revision 37147 contains a Directory Traversal vulnerability in NSE script http-fetch that can result in file overwrite as the user is running it. This attack appears to be exploitable via a victim that runs NSE script http-fetch against a malicious web site. This vulnerability appears to have been fixed in 7.7."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-18T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://nmap.org/changelog.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2018-04-06T14:09:26.583532",
"DATE_REQUESTED": "2018-03-27T14:18:58",
"ID": "CVE-2018-1000161",
"REQUESTER": "ocve@wolke7.net",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "nmap version 6.49BETA6 through 7.60, up to and including SVN revision 37147 contains a Directory Traversal vulnerability in NSE script http-fetch that can result in file overwrite as the user is running it. This attack appears to be exploitable via a victim that runs NSE script http-fetch against a malicious web site. This vulnerability appears to have been fixed in 7.7."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nmap.org/changelog.html",
"refsource": "MISC",
"url": "https://nmap.org/changelog.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-1000161",
"datePublished": "2018-04-18T19:00:00",
"dateReserved": "2018-03-27T00:00:00",
"dateUpdated": "2024-08-05T12:33:49.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-18594
Vulnerability from cvelistv5
Published
2019-08-28 23:50
Modified
2024-08-05 21:28
Severity ?
EPSS score ?
Summary
nse_libssh2.cc in Nmap 7.70 is subject to a denial of service condition due to a double free when an SSH connection fails, as demonstrated by a leading \n character to ssh-brute.nse or ssh-auth-methods.nse.
References
| ▼ | URL | Tags |
|---|---|---|
| https://seclists.org/nmap-dev/2018/q2/45 | x_refsource_MISC | |
| https://github.com/nmap/nmap/issues/1227 | x_refsource_MISC | |
| https://github.com/nmap/nmap/commit/350bbe0597d37ad67abe5fef8fba984707b4e9ad | x_refsource_MISC | |
| https://github.com/nmap/nmap/issues/1077 | x_refsource_MISC | |
| https://github.com/AMatchandaHaystack/Research/blob/master/Nmap%26libsshDF | x_refsource_MISC | |
| https://seclists.org/nmap-announce/2019/0 | x_refsource_MISC | |
| http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00073.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00075.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:28:55.571Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://seclists.org/nmap-dev/2018/q2/45"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/nmap/nmap/issues/1227"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/nmap/nmap/commit/350bbe0597d37ad67abe5fef8fba984707b4e9ad"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/nmap/nmap/issues/1077"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/AMatchandaHaystack/Research/blob/master/Nmap%26libsshDF"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://seclists.org/nmap-announce/2019/0"
},
{
"name": "openSUSE-SU-2019:2198",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00073.html"
},
{
"name": "openSUSE-SU-2019:2200",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00075.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "nse_libssh2.cc in Nmap 7.70 is subject to a denial of service condition due to a double free when an SSH connection fails, as demonstrated by a leading \\n character to ssh-brute.nse or ssh-auth-methods.nse."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-26T11:06:10",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://seclists.org/nmap-dev/2018/q2/45"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nmap/nmap/issues/1227"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nmap/nmap/commit/350bbe0597d37ad67abe5fef8fba984707b4e9ad"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nmap/nmap/issues/1077"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/AMatchandaHaystack/Research/blob/master/Nmap%26libsshDF"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://seclists.org/nmap-announce/2019/0"
},
{
"name": "openSUSE-SU-2019:2198",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00073.html"
},
{
"name": "openSUSE-SU-2019:2200",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00075.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18594",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "nse_libssh2.cc in Nmap 7.70 is subject to a denial of service condition due to a double free when an SSH connection fails, as demonstrated by a leading \\n character to ssh-brute.nse or ssh-auth-methods.nse."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://seclists.org/nmap-dev/2018/q2/45",
"refsource": "MISC",
"url": "https://seclists.org/nmap-dev/2018/q2/45"
},
{
"name": "https://github.com/nmap/nmap/issues/1227",
"refsource": "MISC",
"url": "https://github.com/nmap/nmap/issues/1227"
},
{
"name": "https://github.com/nmap/nmap/commit/350bbe0597d37ad67abe5fef8fba984707b4e9ad",
"refsource": "MISC",
"url": "https://github.com/nmap/nmap/commit/350bbe0597d37ad67abe5fef8fba984707b4e9ad"
},
{
"name": "https://github.com/nmap/nmap/issues/1077",
"refsource": "MISC",
"url": "https://github.com/nmap/nmap/issues/1077"
},
{
"name": "https://github.com/AMatchandaHaystack/Research/blob/master/Nmap%26libsshDF",
"refsource": "MISC",
"url": "https://github.com/AMatchandaHaystack/Research/blob/master/Nmap%26libsshDF"
},
{
"name": "https://seclists.org/nmap-announce/2019/0",
"refsource": "MISC",
"url": "https://seclists.org/nmap-announce/2019/0"
},
{
"name": "openSUSE-SU-2019:2198",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00073.html"
},
{
"name": "openSUSE-SU-2019:2200",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00075.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-18594",
"datePublished": "2019-08-28T23:50:22",
"dateReserved": "2019-08-28T00:00:00",
"dateUpdated": "2024-08-05T21:28:55.571Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}