[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE request: mldonkey arbitrary file download vulnerability
From: Florian Weimer <fw () deneb ! enyo ! de>
Date: 2009-02-23 21:43:09
Message-ID: 87wsbgommq.fsf () mid ! deneb ! enyo ! de
[Download RAW message or body]
mldonkey in version 2.9.7 and earlier permits remote attackers to
download arbitrary files accessible to the mldonkey daemon, using
crafted requests to the HTTP console.
<https://savannah.nongnu.org/bugs/?25667>
(The proposed patch deals with this in a rather odd place.)
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic