Mandriva: Subject: [Security Announce] [ MDVSA-2009:139 ] libtorrent-rasterbar

June 24, 2009 - 3:54 am | LinuxSecurity.com - Security Advisories
LinuxSecurity.com: A security vulnerability has been identified and corrected in libtorrent-rasterbar: Directory traversal vulnerability in src/torrent_info.cpp in Rasterbar libtorrent before 0.14.4, as used in firetorrent, qBittorrent, deluge Torrent, and other applications, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) and partial relative pathname in a Multiple File Mode list element in a .torrent file (CVE-2009-1760). The updated packages have been patched to prevent this.
Posted in Server & Linux Security
Bookmark the permalink. Follow any comments here with the RSS feed for this post. Both comments and trackbacks are currently closed.

All trademarks and copyrights owned by their respective owners and are used for illustration only
Kokopelli Creative Web Design
Webhosting Admin | Bargain Host | Host Wiki | domainRIFFIC | WhoisGator | Domain Dojo | Domain Rates