Summary
Ubuntu Update for Linux kernel vulnerabilities USN-436-1
Solution
Please Install the Updated Packages.
Insight
Bryan Burns of Juniper Networks discovered that KTorrent did not correctly validate the destination file paths nor the HAVE statements sent by torrent peers. A malicious remote peer could send specially crafted messages to overwrite files or execute arbitrary code with user privileges.
Affected
ktorrent vulnerabilities on Ubuntu 6.06 LTS ,
Ubuntu 6.10
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2007-1384, CVE-2007-1385 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Ubuntu Update for dhcp vulnerability USN-531-2
- Ubuntu Update for apturl, Epiphany, gecko-sharp, gnome-python-extras, liferea, rhythmbox, totem, ubufox, yelp update USN-930-2
- Ubuntu Update for bash USN-2363-2
- Ubuntu Update for bind9 vulnerabilities USN-418-1
- Ubuntu Update for ca-certificates-java USN-1197-8