
CVE-2007-1799

Status Candidate

Overview

Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.3 only checks for the ".." string, which allows remote attackers to overwrite arbitrary files via modified ".." sequences in a torrent filename, as demonstrated by "../" sequences, due to an incomplete fix for CVE-2007-1384.

Related Files

Debian Linux Security Advisory 1373-2
Posted Oct 23, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1373-2 - It was discovered that ktorrent, a BitTorrent client for KDE, was vulnerable to a directory traversal bug which potentially allowed remote users to overwrite arbitrary files. This updated advisory correctly increases the version number of the fixed package such that it is installable upon the etch release of Debian.

tags | advisory, remote, arbitrary
systems | linux, debian
advisories | CVE-2007-1799
SHA-256 | b890c45ffa798379b6863690886a4152c13c2a309ce80b97c902b3f6e092d5c2

Debian Linux Security Advisory 1373-1
Posted Sep 11, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1373-1 - It was discovered that ktorrent, a BitTorrent client for KDE, was vulnerable to a directory traversal bug which potentially allowed remote users to overwrite arbitrary files.

tags | advisory, remote, arbitrary
systems | linux, debian
advisories | CVE-2007-1799
SHA-256 | a960c7e4c34ac3e3c21cf9a30e5705e5bebfffa7196b540161fbd20a223ff098

Ubuntu Security Notice 436-2
Posted May 21, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 436-2 - USN-436-1 fixed a vulnerability in KTorrent. The original fix for path traversal was incomplete, allowing for alternate vectors of attack. Bryan Burns of Juniper Networks discovered that KTorrent did not correctly validate the destination file paths nor the HAVE statements sent by torrent peers. A malicious remote peer could send specially crafted messages to overwrite files or execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary
systems | linux, juniper, ubuntu
advisories | CVE-2007-1799
SHA-256 | 9639d94610747e9a97954734b5c101e1362174b07ea0275b2e5704d1ab214c07

Mandriva Linux Security Advisory 2007.095
Posted May 3, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A directory traversal vulnerability was found in KTorrent prior to 2.1.2, due to an incomplete fix for a prior directory traversal vulnerability that was corrected in version 2.1.2. Previously, KTorrent would only check for the string "..", which could permit strings such as "../".

tags | advisory
systems | linux, mandriva
advisories | CVE-2007-1799
SHA-256 | 95e6acfad66c7d3960aa609df736b5c6c92cfe0c12dae9aefc472859674d3a16

Gentoo Linux Security Advisory 200705-1
Posted May 3, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200705-01 - Bryan Burns of Juniper Networks discovered a vulnerability in chunkcounter.cpp when processing large or negative idx values, and a directory traversal vulnerability in torrent.cpp. Versions less than 2.1.3 are affected.

tags | advisory
systems | linux, gentoo, juniper
advisories | CVE-2007-1384, CVE-2007-1385, CVE-2007-1799
SHA-256 | b57efc215d1526e13a88dad0980b79388b365f50a3326ebe8a381ad5c7ef0948