1560005 – (CVE-2018-1000161) CVE-2018-1000161 nmap: directory traversal in the way the non-default http-fetch script sanitized URLs

Bug 1560005 (CVE-2018-1000161) - CVE-2018-1000161 nmap: directory traversal in the way the non-default http-fetch script sanitized URLs

Summary: CVE-2018-1000161 nmap: directory traversal in the way the non-default http-fe...

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2018-1000161
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1560006 1560007
Blocks:	1560011
TreeView+	depends on / blocked

Reported:	2018-03-23 17:28 UTC by Laura Pardo
Modified:	2019-09-29 14:35 UTC (History)
CC List:	2 users (show)
Fixed In Version:	nmap 7.70
Clone Of:
Environment:
Last Closed:	2018-04-18 10:07:23 UTC
Embargoed:

Attachments	(Terms of Use)

Description Laura Pardo 2018-03-23 17:28:05 UTC

A flaw was found in Nmap before 7.70. A directory traversal vulnerability in the way the non-default http-fetch script sanitized URLs. If a user manually ran this NSE script with against a malicious web server, the server could potentially (depending on NSE arguments used) cause files to be saved outside the intended destination directory. Existing files couldn't be overwritten.


References:
https://nmap.org/changelog#7.70

Comment 1 Laura Pardo 2018-03-23 17:28:29 UTC

Created nmap tracking bugs for this issue:

Affects: fedora-all [bug 1560006]

Note You need to log in before you can comment on or make changes to this bug.