Wind River Support Network

HomeDefectsLIN9-6798

Fixed

LIN9-6798 : Security Advisory - nmap - CVE-2018-1000161

Created: May 2, 2018 Updated: Dec 3, 2018

Resolved Date: May 6, 2018

Found In Version: 9.0.0.15

Fix Version: 9.0.0.16

Severity: Standard

Applicable for: Wind River Linux 9

Component/s: Userspace

Description

nmap version 6.49BETA6 through 7.60, up to and including SVN revision 37147 contains a Directory Traversal vulnerability in NSE script http-fetch that can result in file overwrite as the user is running it. This attack appears to be exploitable via a victim that runs NSE script http-fetch against a malicious web site. This vulnerability appears to have been fixed in 7.7.

https://nvd.nist.gov/vuln/detail/CVE-2018-1000161

Other Downloads

Wind River Linux 9.0.0.16
Wind River Linux 9.0.0.17
Wind River Linux 9.0.0.18
Wind River Linux 9.0.0.19
Wind River Linux 9.0.0.20
Wind River Linux 9.0.0.21
Wind River Linux 9.0.0.22
Wind River Linux 9.0.0.23
Wind River Linux 9.0.0.24
Wind River Linux 9.0.0.25
Wind River Linux 9.0.0.26

CVEs

CVE-2018-1000161