EUVD-2009-1438

Malware in sbrugna...

Gentoo Security Advisory GLSA 200909-06 (amule)

The remote host is missing updates announced in advisory GLSA 200909-06. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200909-06 (amule)

The remote host is missing updates announced in advisory GLSA 200909-06. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

GLSA-200909-06 : aMule: Parameter injection

The remote host is affected by the vulnerability described in GLSA-200909-06 aMule: Parameter injection Sam Hocevar discovered that the aMule preview function does not properly sanitize file names. Impact : A remote attacker could entice a user to download a file with a specially crafted file nam...

aMule: Parameter injection

Background aMule is an eMule-like client for the eD2k and Kademlia networks, supporting multiple platforms. Description Sam Hocevar discovered that the aMule preview function does not properly sanitize file names. Impact A remote attacker could entice a user to download a file with a specially...

Debian Security Advisory DSA 1821-1 (amule)

The remote host is missing an update to amule announced via advisory DSA 1821-1. OpenVAS Vulnerability Test $Id: deb18211.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1821-1 amule Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

Debian: Security Advisory (DSA-1821-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 1821-1] New amule packages fix insufficient input sanitising

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1821-1 [email protected] http://www.debian.org/security/ Steffen Joeris June 22, 2009 http://www.debian.org/security/faq -...

Debian DSA-1821-1 : amule - insufficient input sanitising

Sam Hocevar discovered that amule, a client for the eD2k and Kad networks, does not properly sanitise the filename, when using the preview function. This could lead to the injection of arbitrary commands passed to the video player. The oldstable distribution etch is not affected by this issue...

[SECURITY] [DSA 1821-1] New amule packages fix insufficient input sanitising

------------------------------------------------------------------------ Debian Security Advisory DSA-1821-1 [email protected] http://www.debian.org/security/ Steffen Joeris June 22, 2009 http://www.debian.org/security/faq -...

DSA-1821-1 amule - insufficient input sanitising

Bulletin has no description...

CVE-2009-1440

Incomplete blacklist vulnerability in DownloadListCtrl.cpp in amule 2.2.4 allows remote attackers to conduct argument injection attacks into a command for mplayer via a crafted filename...

DEBIAN-CVE-2009-1440

Incomplete blacklist vulnerability in DownloadListCtrl.cpp in amule 2.2.4 allows remote attackers to conduct argument injection attacks into a command for mplayer via a crafted filename...

CVE-2009-1440

Incomplete blacklist vulnerability in DownloadListCtrl.cpp in amule 2.2.4 allows remote attackers to conduct argument injection attacks into a command for mplayer via a crafted filename...

CVE-2009-1440

CVE-2009-1440 affects amule (eD2k/Kademlia client); the vulnerability is an incomplete blacklist in DownloadListCtrl.cpp that lets a remote attacker craft a filename to inject arguments into the user’s video player. Advisories (Debian DSA-1821-1, Gentoo GLSA-200909-06, OpenVAS, Nessus plugins) co...

aMule 'wxExecute()'任意命令执行漏洞

BUGTRAQ ID: 34683 CNCAN ID：CNCAN-2009042301 aMule是一款与eMule类似的电驴下载软件。 aMule不正确过滤部分字符，远程攻击者可以利用漏洞以应用程序权限执行任意命令。 存在问题的代码src/DownloadListCtrl.cpp： command = wxT"xterm -T "aMule Preview" -iconic -e mplayer '$file'"; ... wxString rawFileName = file-GetFullName.GetRaw; command.ReplacewxT"$file",...

UBUNTU-CVE-2006-2692

Multiple unspecified vulnerabilities in aMuleWeb for AMule before 2.1.2 allow remote attackers to read arbitrary image, HTML, or PHP files via unknown vectors, probably related to directory traversal...

CVE-2006-2692

Multiple unspecified vulnerabilities in aMuleWeb for AMule before 2.1.2 allow remote attackers to read arbitrary image, HTML, or PHP files via unknown vectors, probably related to directory traversal...

DEBIAN-CVE-2006-2691

Unspecified "information leakage" vulnerabilities in aMuleWeb for AMule before 2.1.2 allow remote attackers to access arbitrary images, including dynamically generated images, via unknown vectors...

CVE-2006-2692

Multiple unspecified vulnerabilities in aMuleWeb for AMule before 2.1.2 allow remote attackers to read arbitrary image, HTML, or PHP files via unknown vectors, probably related to directory traversal...