MLdonkey <= 2.9.7 HTTP DOUBLE SLASH Arbitrary File Disclosure Vuln

2009-02-23 18:33:40

MLdonkey (up to 2.9.7) has a vulnerability that allows remote user to access any
file with rights of running Mldonkey daemon by supplying a
special-crafted request (ok, there's not much special about double
slash) to an Mldonkey http GUI (tcp/4080 usually).

Reference:
https://savannah.nongnu.org/bugs/?25667

Thus, the exploit would be as simple as accessing any file on a remote
host with your browser and double slash:

http://mlhost:4080//etc/passwd

#

Fixes

No fixes

In order to submit a new fix you need to be registered.