MLDonkey P2P User Security Bypass Vulnerability
BID:26202
Info
MLDonkey P2P User Security Bypass Vulnerability
| Bugtraq ID: | 26202 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 24 2007 12:00AM |
| Updated: | Oct 25 2007 11:37PM |
| Credit: | This issue was reported by Gentoo. |
| Vulnerable: |
Mldonkey Mldonkey 2.9 Mldonkey Mldonkey 2.8 Mldonkey Mldonkey 2.7 Mldonkey Mldonkey 2.6 Mldonkey Mldonkey 2.5 -4 Mldonkey Mldonkey 2.5 |
| Not Vulnerable: |
Mldonkey Mldonkey 2.9.0-r3 |
Discussion
MLDonkey P2P User Security Bypass Vulnerability
MLDonkey is prone to a security-bypass vulnerability due to a design error.
An attacker could exploit this issue to gain unauthorized access to affected computers, which may lead to other attacks.
This issue affects versions prior to MLDonkey 2.9.0-r3.
MLDonkey is prone to a security-bypass vulnerability due to a design error.
An attacker could exploit this issue to gain unauthorized access to affected computers, which may lead to other attacks.
This issue affects versions prior to MLDonkey 2.9.0-r3.
Exploit / POC
MLDonkey P2P User Security Bypass Vulnerability
A specific exploit is not required. An attacker only needs to use a remote login application to exploit this issue.
A specific exploit is not required. An attacker only needs to use a remote login application to exploit this issue.
Solution / Fix
MLDonkey P2P User Security Bypass Vulnerability
Solution:
Updates are available to address this issue. Please see the references for more information.
Solution:
Updates are available to address this issue. Please see the references for more information.