Mega Upload upload.cgi Unspecified File List Issue

2004-10-26T06:49:00
ID OSVDB:11171
Type osvdb
Reporter OSVDB
Modified 2004-10-26T06:49:00

Description

Vulnerability Description

Mega Upload contains a flaw related to the way that the upload.cgi script qscript variable handles the list of uploaded files and may allow an attacker to perform an attack with an unknown impact. No further details have been provided.

Solution Description

Upgrade to version 1.45 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Mega Upload contains a flaw related to the way that the upload.cgi script qscript variable handles the list of uploaded files and may allow an attacker to perform an attack with an unknown impact. No further details have been provided.

References:

Vendor URL: http://www.raditha.com/megaupload/ Vendor Specific News/Changelog Entry: http://www.raditha.com/blog/archives/000547.html Vendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?release_id=277989 Security Tracker: 1011960 Secunia Advisory ID:12993 Mail List Post: http://archives.neohapsis.com/archives/secunia/2004-q4/0281.html ISS X-Force ID: 17882 CVE-2004-2743 Bugtraq ID: 11547