2 matches found
Transmission: Remote code execution
Background Transmission is a cross-platform BitTorrent client. Description A vulnerability was discovered in how Transmission handles access control through the X-Transmission-Session-Id. Impact A remote attacker could execute arbitrary RFC commands or consequently conduct a DNS rebinding attack...
transmission-daemon -- vulnerable to dns rebinding attacks
Google Project Zero reports: The transmission bittorrent client uses a client/server architecture, the user interface is the client which communicates to the worker daemon using JSON RPC requests. As with all HTTP RPC schemes like this, any website can send requests to the daemon listening on...