+ OSVDB-0: GET ///etc/hosts : The server install allows reading of any system file by adding an extra '/' to the URL. + OSVDB-0: GET ///etc/passwd : The server install allows reading of any system file by adding an extra '/' to the URL. ".No hay camino hacia la libertad, la libertad es el camino." * mldonkey-server/launch_at_startup: true Mldonkey-server/max_hard_download_rate: 0 Mldonkey-server/repassword: (password omitted) Mldonkey-server/password: (password omitted) Versions of packages mldonkey-server suggests: Ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime Ii mime-support 3.44-1 MIME files 'mime.types' & Ii libstdc++6 4.3.2-1.1 The GNU Standard C++ Library v3 Ii libpng12-0 1.2.27-2 PNG library - runtime Ii libgd2-noxpm 2.0.36~rc1~dfsg-3 GD Graphics Library version Ii libgcc1 1:4.3.2-1.1 GCC support library Ii libfreetype6 2.3.7-2 FreeType 2 font engine, Ii libc6 2.7-18 GNU C Library: Shared libraries Ii dpkg 1.14.25 Debian package management Ii adduser 3.110 add and remove users and groups Versions of packages mldonkey-server depends on: Shell: /bin/sh linked to /usr/local/bin/bash Locale: LANG=es_AR.UTF-8, LC_CTYPE=es_AR.UTF-8 (charmap=UTF-8) (security http scan) output for your study. Hi, i want report this bug in mldonkey daemon. *** Please type your report below this line *** To: mldonkey-server: MLDokney doble slash http arbitrary file access Subject: mldonkey-server: MLDokney doble slash http arbitrary file
0 kommentar(er)
