http-vmware-path-vuln
脚本使用类型:
portrule
脚本所属分类:
vuln, safe
脚本下载地址: http://nmap.org/svn/scripts/http-vmware-path-vuln.nse
Checks for a path-traversal vulnerability in VMWare ESX, ESXi, and Server (CVE-2009-3733).
The vulnerability was originally released by Justin Morehouse and Tony Flick, who presented at Shmoocon 2010 (http://fyrmassociates.com/tools.html).
执行格式
nmap --script http-vmware-path-vuln -p80,443,8222,8333 <host>
| http-vmware-path-vuln: | VMWare path traversal (CVE-2009-3733): VULNERABLE | /vmware/Windows 2003/Windows 2003.vmx | /vmware/Pentest/Pentest - Linux/Linux Pentest Bravo.vmx | /vmware/Pentest/Pentest - Windows/Windows 2003.vmx | /mnt/vmware/vmware/FreeBSD 7.2/FreeBSD 7.2.vmx | /mnt/vmware/vmware/FreeBSD 8.0/FreeBSD 8.0.vmx | /mnt/vmware/vmware/FreeBSD 8.0 64-bit/FreeBSD 8.0 64-bit.vmx |_ /mnt/vmware/vmware/Slackware 13 32-bit/Slackware 13 32-bit.vmx
Author: Ron Bowes
License: VER007 整理 http://www.ver007.com