MLdonkey <= 2.9.7 HTTP DOUBLE SLASH Arbitrary File Disclosure Vulnerability

MLdonkey (up to 2.9.7) has a vulnerability that allows a remote user to access any file with the rights of the running MLdonkey daemon by sending a specially crafted request (ok, there's not much special about a double slash) to the MLdonkey HTTP GUI (usually tcp/4080).

Reference:
https://savannah.nongnu.org/bugs/?25667

Thus, the exploit is as simple as requesting any file on the remote host from your browser with a double slash:

http://mlhost:4080//etc/passwd
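
For anyone auditing a similar embedded HTTP file handler, the following added example (not MLdonkey's code, and not taken from the advisory) shows one assumed way a leading double slash can escape a document root, next to a resolver that enforces containment. `DOC_ROOT`, `naive_resolve` and `safe_resolve` are hypothetical names, and the flawed pattern is an assumption about this bug class rather than a statement of MLdonkey's actual root cause.

```python
import posixpath
from typing import Optional
from urllib.parse import unquote

DOC_ROOT = "/var/lib/mldonkey/web"  # hypothetical document root (assumption)


def _path_only(target: str) -> str:
    """Drop query/fragment and percent-decode the request target's path."""
    # urlsplit() is avoided on purpose: it parses "//etc/passwd" as host "etc".
    return unquote(target.split("?", 1)[0].split("#", 1)[0])


def naive_resolve(target: str, root: str = DOC_ROOT) -> str:
    """Assumed flawed pattern: strip ONE leading slash, then join to the root."""
    path = _path_only(target)
    if path.startswith("/"):
        path = path[1:]  # "//etc/passwd" -> "/etc/passwd", still absolute
    # posixpath.join() discards `root` when the second argument is absolute.
    return posixpath.join(root, path)


def safe_resolve(target: str, root: str = DOC_ROOT) -> Optional[str]:
    """Return a path guaranteed to sit under `root`, or None to refuse."""
    path = _path_only(target)
    if "\x00" in path:
        return None
    # Strip EVERY leading slash so the remainder can only be relative.
    rel = posixpath.normpath(path.lstrip("/") or ".")
    if rel == ".." or rel.startswith("../"):
        return None  # climbs above the root after normalisation
    candidate = posixpath.normpath(posixpath.join(root, rel))
    # Final containment check; a real server should also resolve symlinks
    # (os.path.realpath) before comparing.
    if posixpath.commonpath([root, candidate]) != root:
        return None
    return candidate


if __name__ == "__main__":
    # Constructed request targets, including the one quoted in the advisory.
    for t in ["/index.html", "//etc/passwd", "/../etc/passwd", "/%2e%2e/etc/passwd"]:
        print(f"{t!r:24} naive={naive_resolve(t)!r:40} safe={safe_resolve(t)!r}")
```
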

# milw0rm
