| Name | CVE-2018-1000161 |
| Description | nmap version 6.49BETA6 through 7.60, up to and including SVN revision 37147 contains a Directory Traversal vulnerability in NSE script http-fetch that can result in file overwrite as the user is running it. This attack appears to be exploitable via a victim that runs NSE script http-fetch against a malicious web site. This vulnerability appears to have been fixed in 7.7. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|---|---|---|
| nmap (PTS) | buster | 7.70+dfsg1-6+deb10u2 | fixed |
| bullseye | 7.91+dfsg1+really7.80+dfsg1-2 | fixed | |
| bookworm | 7.93+dfsg1-1 | fixed | |
| trixie | 7.94+git20230807.3be01efb1+dfsg-2 | fixed | |
| sid | 7.94+git20230807.3be01efb1+dfsg-3 | fixed |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| nmap | source | wheezy | (not affected) | |||
| nmap | source | jessie | (not affected) | |||
| nmap | source | (unstable) | 7.70+dfsg1-1 |
[stretch] - nmap <no-dsa> (Minor issue)
[jessie] - nmap <not-affected> (Vulnerable code not present)
[wheezy] - nmap <not-affected> (Vulnerable code not present)
Fixed by: https://github.com/nmap/nmap/commit/098e32713650f54732472f31245b7eca936b2bd8
Fixed by: https://github.com/nmap/nmap/commit/da0c861299ae1ce6268e9591838f7a1144b327d7
Fixed by: https://github.com/nmap/nmap/commit/88631b50676c38824e01d30819f46258a8497b0a
Fixed by: https://github.com/nmap/nmap/commit/80e1977308e51b1b7aa038a38f8837a7e90b3849
Introduced in https://github.com/nmap/nmap/commit/88381c2e685297a4fafe7182a06877b27da34e1e
Script added in 6.49BETA6 (cf. https://bugzilla.suse.com/show_bug.cgi?id=1088608#c1)