Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2008-5905

Опубликовано: 15 янв. 2009
Источник: nvd
CVSS2: 4.3
EPSS Низкий

Описание

The web interface plugin in KTorrent before 3.1.4 allows remote attackers to bypass intended access restrictions and upload arbitrary torrent files, and trigger the start of downloads and seeding, via a crafted HTTP POST request.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ktorrent:ktorrent:*:*:*:*:*:*:*:*
Версия до 3.1.3 (включая)
cpe:2.3:a:ktorrent:ktorrent:0.9:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:1.0:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:1.1:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:1.2:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:1.2:rc1:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:1.2:rc2:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.0:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.0:beta1:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.0:rc1:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.1:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.1:beta1:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.1:rc1:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.1.4:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.2:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.2:beta1:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.2:rc1:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.2.6:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.2.7:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:2.2.8:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:3.0:beta1:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:3.0:rc1:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ktorrent:ktorrent:3.1.2:*:*:*:*:*:*:*

EPSS

Процентиль: 31%
0.00117
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

ubuntu логотип

CVE-2008-5905

ubuntu
почти 17 лет назад

The web interface plugin in KTorrent before 3.1.4 allows remote attackers to bypass intended access restrictions and upload arbitrary torrent files, and trigger the start of downloads and seeding, via a crafted HTTP POST request.

debian логотип

CVE-2008-5905

debian
почти 17 лет назад

The web interface plugin in KTorrent before 3.1.4 allows remote attack ...

github логотип

GHSA-6fgr-vh7g-73gx

github
больше 3 лет назад

The web interface plugin in KTorrent before 3.1.4 allows remote attackers to bypass intended access restrictions and upload arbitrary torrent files, and trigger the start of downloads and seeding, via a crafted HTTP POST request.

EPSS

Процентиль: 31%
0.00117
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-264