|Description||nmap version 6.49BETA6 through 7.60, up to and including SVN revision 37147 contains a Directory Traversal vulnerability in NSE script http-fetch that can result in file overwrite as the user is running it. This attack appears to be exploitable via a victim that runs NSE script http-fetch against a malicious web site. This vulnerability appears to have been fixed in 7.7.|
|Source||CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)|
Vulnerable and fixed packages
The table below lists information on source packages.
The information below is based on the following data on fixed versions.
|Package||Type||Release||Fixed Version||Urgency||Origin||Debian Bugs|
[stretch] - nmap <no-dsa> (Minor issue)
[jessie] - nmap <not-affected> (Vulnerable code not present)
[wheezy] - nmap <not-affected> (Vulnerable code not present)
Fixed by: https://github.com/nmap/nmap/commit/098e32713650f54732472f31245b7eca936b2bd8
Fixed by: https://github.com/nmap/nmap/commit/da0c861299ae1ce6268e9591838f7a1144b327d7
Fixed by: https://github.com/nmap/nmap/commit/88631b50676c38824e01d30819f46258a8497b0a
Fixed by: https://github.com/nmap/nmap/commit/80e1977308e51b1b7aa038a38f8837a7e90b3849
Introduced in https://github.com/nmap/nmap/commit/88381c2e685297a4fafe7182a06877b27da34e1e
Script added in 6.49BETA6 (cf. https://bugzilla.suse.com/show_bug.cgi?id=1088608#c1)