Mandriva Update For Ktorrent MDKSA-2007:095 (ktorrent) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A directory traversal vulnerability was found in KTorrent prior to 2.1.2, due to an incomplete fix for a prior directory traversal vulnerability that was corrected in version 2.1.2. Previously, KTorrent would only check for the string .., which could permit strings such as ../. Updated packages have been patched to correct this issue.

Affected

ktorrent on Mandriva Linux 2007.1, Mandriva Linux 2007.1/X86_64

Severity

Classification

CVE CVE-2007-1799

CVSS	Base Score: 6.4 AV:N/AC:L/Au:N/C:N/I:P/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:177 (ruby)
Mandrake Security Advisory MDVSA-2009:080 (glib2.0)
Mandrake Security Advisory MDVSA-2009:133 (irssi)
Mandrake Security Advisory MDVSA-2009:032 (kernel)
Mandrake Security Advisory MDVSA-2009:178 (squid)

Mandriva Update for ktorrent MDKSA-2007:095 (ktorrent)

Take action and discover your vulnerabilities