Gnapster and Knapster File Access Vulnerability
BID:1186
Info
Gnapster and Knapster File Access Vulnerability
| Bugtraq ID: | 1186 |
| Class: | Access Validation Error |
| CVE: |
CVE-2000-0412 |
| Remote: | Yes |
| Local: | Yes |
| Published: | May 10 2000 12:00AM |
| Updated: | Jul 11 2009 01:56AM |
| Credit: | A series of advisories were released on this topic to the Bugtraq mailing list between May 9 and 11th from Cerias and FreeBSD. |
| Vulnerable: |
Josh Guilfoyle Gnapster 1.3.8 John Donoghue Knapster 0.9 |
| Not Vulnerable: | |
Discussion
Gnapster and Knapster File Access Vulnerability
Various open source clones of the Napster software package have a vulnerability by which users may view files on a machine running a vulnerable Napster clone client. The file access is limited to files accessible by the user running the client. The official commercial version of Napster does not contain this vulnerability.
Various open source clones of the Napster software package have a vulnerability by which users may view files on a machine running a vulnerable Napster clone client. The file access is limited to files accessible by the user running the client. The official commercial version of Napster does not contain this vulnerability.