MidnightBSD

Advisories for nmap

CVE-2013-4885 MEDIUM

The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
nmap nmap 2.99
nmap nmap 4.52
nmap nmap 4.50
nmap nmap 4.75
nmap nmap 2.50
nmap nmap 6.20
nmap nmap 5.30
nmap nmap 2.51
nmap nmap 3.75
nmap nmap 3.55
nmap nmap 4.20
nmap nmap 5.10
nmap nmap 2.53
nmap nmap 2.05
nmap nmap 3.90
nmap nmap 3.15
nmap nmap 2.11
nmap nmap 4.21
nmap nmap 4.02
nmap nmap 4.51
nmap nmap 3.93
nmap nmap 3.94
nmap nmap 3.28
nmap nmap 2.10
nmap nmap 3.81
nmap nmap 5.61
nmap nmap 4.49
nmap nmap 2.2
nmap nmap 2.09
nmap nmap 2.54
nmap nmap 3.98
nmap nmap 3.999
nmap nmap 4.68
nmap nmap 3.30
nmap nmap 3.27
nmap nmap 3.45
nmap nmap 4.76
nmap nmap 4.03
nmap nmap 4.11
nmap nmap 3.91
nmap nmap 6.01
nmap nmap 3.50
nmap nmap 2.07
nmap nmap 4.62
nmap nmap *
nmap nmap 5.50
opensuse opensuse 12.3
nmap nmap 5.59
nmap nmap 4.01
nmap nmap 4.53
nmap nmap 5.20
nmap nmap 2.3
nmap nmap 3.25
nmap nmap 3.95
nmap nmap 4.65
nmap nmap 5.00
nmap nmap 3.10
nmap nmap 2.1
nmap nmap 2.08
nmap nmap 2.12
nmap nmap 2.52
nmap nmap 5.51
nmap nmap 3.00
nmap nmap 3.99
nmap nmap 3.9999
nmap nmap 3.40
nmap nmap 3.26
nmap nmap 3.70
nmap nmap 4.00
nmap nmap 4.10
nmap nmap 4.22
nmap nmap 3.20
nmap nmap 5.35
nmap nmap 6.00
nmap nmap 4.85
nmap nmap 2.06
nmap nmap 3.96
nmap nmap 4.04
nmap nmap 4.90
nmap nmap 5.21
nmap nmap 3.48
nmap nmap 4.60
CVE-2017-18594 MEDIUM

nse_libssh2.cc in Nmap 7.70 is subject to a denial of service condition due to a double free when an SSH connection fails, as demonstrated by a leading \n character to ssh-brute.nse or ssh-auth-methods.nse.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-415,

Products Affected

Vendor Product Version
nmap nmap 7.70
CVE-2018-1000161 LOW

nmap version 6.49BETA6 through 7.60, up to and including SVN revision 37147 contains a Directory Traversal vulnerability in NSE script http-fetch that can result in file overwrite as the user is running it. This attack appears to be exploitable via a victim that runs NSE script http-fetch against a malicious web site. This vulnerability appears to have been fixed in 7.7.

CVSS 2.0

Severity: LOW

Problem Type: CWE-22,

Products Affected

Vendor Product Version
nmap nmap 7.00
nmap nmap 7.12
nmap nmap 6.49
nmap nmap 7.11
nmap nmap 7.31
nmap nmap 7.50
nmap nmap 7.30
nmap nmap 7.60
nmap nmap 7.10
nmap nmap 7.25
nmap nmap 7.40
nmap nmap 7.01
CVE-2018-15173 MEDIUM

Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted TCP-based service.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
nmap nmap *
CVE-2019-11490 HIGH

An issue was discovered in Npcap 0.992. Sending a malformed .pcap file with the loopback adapter using either pcap_sendqueue_queue() or pcap_sendqueue_transmit() results in kernel pool corruption. This could lead to arbitrary code executing inside the Windows kernel and allow escalation of privileges.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-415,

Products Affected

Vendor Product Version
nmap npcap 0.992