CVE-2009-0753
Published: 3 March 2009
Absolute path traversal vulnerability in MLDonkey 2.8.4 through 2.9.7 allows remote attackers to read arbitrary files via a leading "//" (double slash) in the filename.
Priority
Status
Package | Release | Status |
---|---|---|
mldonkey Launchpad, Ubuntu, Debian |
dapper |
Not vulnerable
|
gutsy |
Ignored
(end of life, was needed)
|
|
hardy |
Released
(2.9.2-2ubuntu0.1)
|
|
intrepid |
Released
(2.9.5-1ubuntu0.1)
|
|
upstream |
Needs triage
|
|
Patches: other: https://savannah.nongnu.org/bugs/?25667 |