The http-domino-enum-passwords.nse script in NMap prior to 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
nmap nmap |
||
nmap nmap 6.20 |
||
nmap nmap 5.59 |
||
nmap nmap 5.50 |
||
nmap nmap 5.00 |
||
nmap nmap 4.90 |
||
nmap nmap 4.85 |
||
nmap nmap 4.60 |
||
nmap nmap 4.53 |
||
nmap nmap 4.49 |
||
nmap nmap 4.22 |
||
nmap nmap 4.20 |
||
nmap nmap 4.02 |
||
nmap nmap 4.01 |
||
nmap nmap 3.95 |
||
nmap nmap 3.94 |
||
nmap nmap 3.75 |
||
nmap nmap 3.70 |
||
nmap nmap 3.55 |
||
nmap nmap 3.40 |
||
nmap nmap 3.25 |
||
nmap nmap 3.20 |
||
nmap nmap 3.10 |
||
nmap nmap 2.54 |
||
nmap nmap 2.53 |
||
nmap nmap 2.52 |
||
nmap nmap 2.3 |
||
nmap nmap 2.2 |
||
nmap nmap 2.09 |
||
nmap nmap 2.08 |
||
nmap nmap 5.61 |
||
nmap nmap 5.21 |
||
nmap nmap 5.20 |
||
nmap nmap 4.75 |
||
nmap nmap 4.68 |
||
nmap nmap 4.50 |
||
nmap nmap 4.21 |
||
nmap nmap 4.10 |
||
nmap nmap 4.04 |
||
nmap nmap 3.999 |
||
nmap nmap 3.99 |
||
nmap nmap 3.93 |
||
nmap nmap 3.91 |
||
nmap nmap 3.45 |
||
nmap nmap 3.30 |
||
nmap nmap 3.15 |
||
nmap nmap 3.00 |
||
nmap nmap 2.99 |
||
nmap nmap 2.1 |
||
nmap nmap 2.12 |
||
nmap nmap 6.01 |
||
nmap nmap 6.00 |
||
nmap nmap 5.35 |
||
nmap nmap 5.30 |
||
nmap nmap 4.76 |
||
nmap nmap 4.52 |
||
nmap nmap 4.51 |
||
nmap nmap 4.11 |
||
nmap nmap 4.00 |
||
nmap nmap 3.9999 |
||
nmap nmap 3.50 |
||
nmap nmap 3.48 |
||
nmap nmap 2.51 |
||
nmap nmap 2.50 |
||
nmap nmap 2.07 |
||
nmap nmap 2.06 |
||
nmap nmap 2.05 |
||
nmap nmap 5.51 |
||
nmap nmap 5.10 |
||
nmap nmap 4.65 |
||
nmap nmap 4.62 |
||
nmap nmap 4.03 |
||
nmap nmap 3.98 |
||
nmap nmap 3.96 |
||
nmap nmap 3.90 |
||
nmap nmap 3.81 |
||
nmap nmap 3.28 |
||
nmap nmap 3.27 |
||
nmap nmap 3.26 |
||
nmap nmap 2.11 |
||
nmap nmap 2.10 |
||
opensuse opensuse 12.3 |
Vulmon