CVE-2008-5905
CVE-2008-5905
The web interface plugin in KTorrent before 3.1.4 allows remote attackers to bypass intended access restrictions and upload arbitrary torrent files, and trigger the start of downloads and seeding, via a crafted HTTP POST request.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504178http://ktorrent.org/?q=node/23http://openwall.com/lists/oss-security/2009/01/08/1https://bugs.gentoo.org/show_bug.cgi?id=244741http://secunia.com/advisories/32442http://secunia.com/advisories/32447http://secunia.com/advisories/33675http://secunia.com/advisories/34003http://security.gentoo.org/glsa/glsa-200902-05.xmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/46117http://www.securityfocus.com/bid/31927http://www.ubuntu.com/usn/USN-711-1