Gentoo Linux Security Advisory GLSA 200903-36 - A vulnerability in the MLDonkey web interface allows remote attackers to disclose arbitrary files. Michael Peselnik reported that src/utils/lib/url.ml in the web interface of MLDonkey does not handle file names with leading double slashes properly. Versions less than 3.0.0 are affected.
3c999c40cae53426bd057249b0a2b19dd12527868b98912c85d4a198d4504aa9Debian Security Advisory 1739-1 - It has been discovered that mldonkey, a client for several P2P networks, allows attackers to download arbitrary files using crafted requests to the HTTP console.
66676662acc2a12b201caa1346638e1e7b096f1a686c2f0d9defc2541a04a2f8
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed