advisories/22854.adv

type: security
subject: Updated nmap packages fix security vulnerability
src:
  6:
   core:
     - nmap-7.40-1.1.mga6
description: |
  Nmap developer nnposter found a security flaw (directory traversal
  vulnerability) in the way the non-default http-fetch script sanitized
  URLs. If a user manualy ran this NSE script against a malicious web
  server, the server could potentially (depending on NSE arguments used)
  cause files to be saved outside the intended destination directory.
  Existing files couldn't be overwritten.  We fixed http-fetch, audited
  our other scripts to ensure they didn't make this mistake, and updated
  the httpspider library API to protect against this by default.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=22854
 - http://seclists.org/nmap-announce/2018/0
ID: MGASA-2018-0196
1	type: security
2	subject: Updated nmap packages fix security vulnerability
3	src:
4	6:
5	core:
6	- nmap-7.40-1.1.mga6
7	description: \|
8	Nmap developer nnposter found a security flaw (directory traversal
9	vulnerability) in the way the non-default http-fetch script sanitized
10	URLs. If a user manualy ran this NSE script against a malicious web
11	server, the server could potentially (depending on NSE arguments used)
12	cause files to be saved outside the intended destination directory.
13	Existing files couldn't be overwritten. We fixed http-fetch, audited
14	our other scripts to ensure they didn't make this mistake, and updated
15	the httpspider library API to protect against this by default.
16	references:
17	- https://bugs.mageia.org/show_bug.cgi?id=22854
18	- http://seclists.org/nmap-announce/2018/0
19	ID: MGASA-2018-0196