MLdonkey HTTP Request Arbitrary File Download Vulnerability Network Vulnerability

Summary

MLdonkey is prone to a vulnerability that lets attackers download arbitrary files. The issue occurs because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to view arbitrary files within the context of the application. Information harvested may aid in launching further attacks. MLdonkey 2.9.7 is vulnerable other versions may also be affected.

Solution

Fixes are available please see the http://www.nongnu.org/mldonkey/ for more information.

References

http://www.securityfocus.com/bid/33865

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-0753
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Xedus directory traversal
Detect the presence of Napster
Trillian is installed
Lime Wire Multiple Remote Unauthorized Access
Xedus XSS

Take action and discover your vulnerabilities