nmap version 6.49BETA6 through 7.60, up to and including SVN revision 37147 contains a Directory Traversal vulnerability in NSE script http-fetch that can result in file overwrite as the user is running it. This attack appears to be exploitable via a victim that runs NSE script http-fetch against a malicious web site. This vulnerability appears to have been fixed in 7.7.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "binary_version": "7.80+dfsg1-2build1", "binary_name": "ncat" }, { "binary_version": "7.80+dfsg1-2build1", "binary_name": "ncat-dbgsym" }, { "binary_version": "7.80+dfsg1-2build1", "binary_name": "ndiff" }, { "binary_version": "7.80+dfsg1-2build1", "binary_name": "nmap" }, { "binary_version": "7.80+dfsg1-2build1", "binary_name": "nmap-common" }, { "binary_version": "7.80+dfsg1-2build1", "binary_name": "nmap-dbgsym" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "binary_version": "7.91+dfsg1+really7.80+dfsg1-2build1", "binary_name": "ncat" }, { "binary_version": "7.91+dfsg1+really7.80+dfsg1-2build1", "binary_name": "ncat-dbgsym" }, { "binary_version": "7.91+dfsg1+really7.80+dfsg1-2build1", "binary_name": "ndiff" }, { "binary_version": "7.91+dfsg1+really7.80+dfsg1-2build1", "binary_name": "nmap" }, { "binary_version": "7.91+dfsg1+really7.80+dfsg1-2build1", "binary_name": "nmap-common" }, { "binary_version": "7.91+dfsg1+really7.80+dfsg1-2build1", "binary_name": "nmap-dbgsym" } ] }