MLdonkey HTTP Request Arbitrary File Download Vulnerability Network Vulnerability

Summary

MLdonkey is prone to a vulnerability that lets attackers download arbitrary files. The issue occurs because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to view arbitrary files within the context of the application. Information harvested may aid in launching further attacks. MLdonkey 2.9.7 is vulnerable other versions may also be affected.

Solution

Fixes are available please see the http://www.nongnu.org/mldonkey/ for more information.

References

http://www.securityfocus.com/bid/33865

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-0753

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Detect the presence of Napster
WinMX is installed
Lime Wire Multiple Remote Unauthorized Access
Xedus XSS
Xedus Denial of Service

Take action and discover your vulnerabilities