Advisories » MGASA-2013-0305

Updated nmap package fixes CVE-2013-4885

Publication date: 17 Oct 2013
Modification date: 17 Oct 2013
Type: security
Affected Mageia releases : 3
CVE: CVE-2013-4885

Description

Updated nmap packages fix security vulnerability:

It is possible to write arbitrary files to a remote system, through a specially
crafted server response for NMAP http-domino-enum-passwords.nse script from
nmap before 6.40 (CVE-2013-4885).
                

References

• http://packetstormsecurity.com/files/122719/TWSL2013-025.txt
• https://lists.fedoraproject.org/pipermail/package-announce/2013-August/114768.html
• https://bugs.mageia.org/show_bug.cgi?id=11090
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4885

SRPMS

3/core

• nmap-6.25-3.1.mga3