On Tue, Oct 28, 2008 at 10:41:33AM +0100, Giuseppe Iuculano wrote:
> Package: ktorrent
> Version: 3.1.1+dfsg.1-1
> Severity: important
> Tags: security
> From Secunia:
> Some vulnerabilities have been discovered in KTorrent, which can be
> exploited by malicious users to compromise a vulnerable system and
> malicious people to bypass certain security restrictions.
> 1) The web interface plugin does not properly restrict access to the
> torrent upload functionality. This can be exploited to upload
> arbitrary torrent files by sending a specially crafted HTTP POST
> request to the affected application.
> 2) The web interface plugin does not properly sanitise request
> parameters before passing them to the PHP interpreter. This can be
> exploited to inject and execute arbitrary PHP code by passing
> specially crafted parameters to the PHP scripts of the web
> Successful exploitation of the vulnerabilities requires that the web
> interface plugin is enabled (not the default setting).
What's the status of this for Lenny?
pkg-kde-extras mailing list