Описание
The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 6.40-0.1 |
| esm-infra-legacy/trusty | released | 6.40-0.1 |
| lucid | ignored | end of life |
| precise | not-affected | code-not-present |
| quantal | ignored | end of life |
| raring | ignored | end of life |
| saucy | released | 6.40-0.1 |
| trusty | released | 6.40-0.1 |
| trusty/esm | released | 6.40-0.1 |
| upstream | released | 6.40 |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences.
The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences.
The http-domino-enum-passwords.nse script in NMap before 6.40, when do ...
The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences.
EPSS
6.8 Medium
CVSS2