MLdonkey <= 2.9.7 HTTP DOUBLE SLASH Arbitrary File Disclosure Vuln
Bug #340166 reported by
big one
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
mldonkey (Debian) |
Fix Released
|
Unknown
|
|||
mldonkey (Ubuntu) |
Fix Released
|
Critical
|
Unassigned | ||
Hardy |
Fix Released
|
Undecided
|
Unassigned | ||
Intrepid |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
http://
MLdonkey (up to 2.9.7) has a vulnerability that allows remote user to access any
file with rights of running Mldonkey daemon by supplying a
special-crafted request (ok, there's not much special about double
slash) to an Mldonkey http GUI (tcp/4080 usually).
Reference:
https:/
Thus, the exploit would be as simple as accessing any file on a remote
host with your browser and double slash:
http://
# milw0rm.com [2009-02-23]
CVE References
Changed in mldonkey: | |
status: | Unknown → Fix Released |
To post a comment you must log in.
Thank you for using Ubuntu and taking the time to report a bug. This package is in universe and is community supported. If you are able, perhaps you could prepare debdiffs to fix this by following https:/ /wiki.ubuntu. com/SecurityUpd ateProcedures.
Possible upstream patch is https:/ /savannah. nongnu. org/patch/ download. php?file_ id=17518 (but see upstream bug for more information).