CVE-2008-5905 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-5905
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-5905

Description: The web interface plugin in KTorrent before 3.1.4 allows remote attackers to bypass intended access restrictions and upload arbitrary torrent files, and trigger the start of downloads and seeding, via a crafted HTTP POST request.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/46117 UBUNTU http://www.ubuntu.com/usn/USN-711-1 SAID Secunia Advisory: SA34003 Secunia Advisory: SA33675 Secunia Advisory: SA32442 Secunia Advisory: SA32447 MLIST http://openwall.com/lists/oss-security/2009/01/08/1 GENTOO http://security.gentoo.org/glsa/glsa-200902-05.xml CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504178 http://ktorrent.org/?q=node/23 BID 31927

Return to the previous page.