On Tue, Oct 28, 2008 at 10:41:33AM +0100, Giuseppe Iuculano wrote:
> Package: ktorrent
> Version: 3.1.1+dfsg.1-1
> Severity: important
> Tags: security
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> - From Secunia:
>
> Some vulnerabilities have been discovered in KTorrent, which can be
> exploited by malicious users to compromise a vulnerable system and
> malicious people to bypass certain security restrictions.
>
> 1) The web interface plugin does not properly restrict access to the
> torrent upload functionality. This can be exploited to upload
> arbitrary torrent files by sending specially crafted HTTP POST
> request to the affected application.
>
> 2) The web interface plugin does not properly sanitise request
> parameters before passing them to the PHP interpreter. This can be
> exploited to inject and execute arbitrary PHP code by passing
> specially crafted parameters to the PHP scripts of the web
> interface.
>
> Successful exploitation of the vulnerabilities requires that the web
> interface plugin is enabled (not the default setting).

What's the status of this for Lenny?

Cheers,
        Moritz