Lucene search
K

14 matches found

Veracode
Veracode
added 2020/04/10 1:1 a.m.27 views

Directory Traversal

kdenetwork is vulnerable to directory traversal. The vulnerability exists as a flaw was found in the way KGet, a download manager, handled the "file" element in Metalink files. An attacker could use this flaw to create a specially-crafted Metalink file that, when opened, would cause KGet to...

5.8CVSS3.1AI score0.03119EPSS
Exploits0References18Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.35 views

openSUSE Security Update : kdenetwork4 (openSUSE-SU-2010:1076-1)

This update of kdenetwork fixes several bugs, the security related issues are : - CVE-2010-1000: CVSS v2 Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N: CWE-22 The 'name' attribute of the 'file' element of metalink files is not properly sanitised this can be exploited to download files to arbitrary...

5.8CVSS5.6AI score0.03849EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.38 views

Oracle Linux 6 : kdenetwork (ELSA-2011-0465)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2011-0465 advisory. 7:4.3.4-11.1 - CVE-2010-1000, improper sanitization of metalink attribute for downloading files Tenable has extracted the preceding description block directly...

5.8CVSS5.5AI score0.03849EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2011/06/13 12:0 a.m.30 views

Ubuntu 9.10 / 10.04 LTS / 10.10 : kdenetwork vulnerability (USN-1114-1)

It was discovered that KGet did not properly perform input validation when processing metalink files. If a user were tricked into opening a crafted metalink file, a remote attacker could overwrite files via directory traversal, which could eventually lead to arbitrary code execution. Note that...

5.8CVSS5.7AI score0.03119EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2011/04/21 4:53 p.m.29 views

Important: Red Hat Security Advisory: kdenetwork security update

Updated kdenetwork packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

5.8CVSS5.8AI score0.03119EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2011/04/18 8:56 p.m.56 views

USN-1114-1: KDENetwork vulnerability

It was discovered that KGet did not properly perform input validation when processing metalink files. If a user were tricked into opening a crafted metalink file, a remote attacker could overwrite files via directory traversal, which could eventually lead to arbitrary code execution...

5.8CVSS5.7AI score0.03119EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/09/14 12:0 a.m.18 views

openSUSE Security Update : aria2 (openSUSE-SU-2010:0338-2)

Specially crafted metalink files could trick aria2 into store downloaded files outside of the intended directory CVE-2010-1512. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update aria2-3063. The...

4.3CVSS5.2AI score0.03159EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2010/06/04 12:0 a.m.16 views

Orbit Downloader metalink 'name' Directory Traversal Vulnerability

This host is installed with Orbit Downloader and is prone to directory traversal vulnerability. OpenVAS Vulnerability Test $Id: gborbitdownloadermetalinkdirtraversalvuln.nasl 5323 2017-02-17 08:49:23Z teissa $ Orbit Downloader metalink 'name' Directory Traversal Vulnerability Authors: Sooraj KS...

4.3CVSS6.7AI score0.02956EPSS
Exploits0References3
securityvulns
securityvulns
added 2010/05/21 12:0 a.m.28 views

Secunia Research: Orbit Downloader metalink "name" Directory Traversal

====================================================================== Secunia Research 19/05/2010 - Orbit Downloader metalink "name" Directory Traversal - ====================================================================== Table of Contents Affected...

1.6AI score
Exploits0
securityvulns
securityvulns
added 2010/05/21 12:0 a.m.29 views

Orbit Downloader directory traversal

metalink files directory traversal...

4.1AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2010/05/17 12:0 a.m.35 views

Secunia Research: aria2 metalink "name" Directory Traversal Vulnerability

====================================================================== Secunia Research 13/05/2010 - aria2 metalink "name" Directory Traversal Vulnerability - ====================================================================== Table of Contents Affected...

4.3CVSS0.7AI score0.03159EPSS
Exploits0
OSV
OSV
added 2010/05/17 12:0 a.m.16 views

DSA-2047-1 aria2 - directory traversal

Bulletin has no description...

4.3CVSS6AI score0.03159EPSS
Exploits0
securityvulns
securityvulns
added 2010/05/17 12:0 a.m.32 views

aria2 directory traversal

Directory traversal via metalink files...

4.3CVSS4.8AI score0.03159EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2010/05/13 8:40 a.m.56 views

USN-938-1: KDENetwork vulnerabilities

It was discovered that KGet did not properly perform input validation when processing metalink files. If a user were tricked into opening a crafted metalink file, a remote attacker could overwrite files via directory traversal, which could eventually lead to arbitrary code execution. CVE-2010-100...

6.4CVSS5.8AI score0.03849EPSS
Exploits0
Rows per page
Query Builder