Lucene search
RootSSV:18930HistoryJan 12, 2010 - 12:00 a.m.
Transmission任意文件覆盖漏洞
2010-01-1200:00:00
Root
www.seebug.org
18
0.022 Low
EPSS
Percentile
88.3%
Bugraq ID: 37659
CVE ID:CVE-2010-0012
Transmission是一款*nix下的BT下载软件。
Transmission在保存文件前应用程序不正确过滤"name"关键词,攻击者构建一个在"name"关键词中包含"…/"目录遍历序列的.torrent文件,诱使用户打开,可覆盖本地系统中的任意文件。
Transmission Project Transmission 1.76
Transmission Project Transmission 1.50
Transmission Project Transmission 1.41
Transmission 1.77已经修复此漏洞,建议用户下载使用:
http://www.transmissionbt.com/
http://launchpadlibrarian.net/37213548/EVIL.torrent
Related
securityvulns
securityvulns
[SECURITY] [DSA 1967-1] New transmission packages fix directory traversal
2010-01-08 00:00:00
Transmission bittorent client directory traversal
2010-01-08 00:00:00
nessus
nessus
openSUSE Security Update : transmission (transmission-1777)
2010-01-22 00:00:00
openSUSE Security Update : transmission (transmission-1777)
2010-01-22 00:00:00
Mandriva Linux Security Advisory : transmission (MDVSA-2010:014)
2010-07-30 00:00:00
debian
debian
[Backports-security-announce] Security update for transmission
2010-01-30 18:09:41
[SECURITY] [DSA 1967-1] New transmission packages fix directory traversal
2010-01-07 19:41:56
[Backports-security-announce] Security update for transmission
2010-01-30 18:51:29
cve
cve
CVE-2010-0012
2010-01-08 17:30:00
openvas
openvas
Mandriva Update for transmission MDVSA-2010:014 (transmission)
2010-01-20 00:00:00
Debian Security Advisory DSA 1967-1 (transmission)
2010-01-11 00:00:00
Mandriva Update for transmission MDVSA-2010:014 (transmission)
2010-01-20 00:00:00
altlinux
altlinux
prion
prion
Directory traversal
2010-01-08 17:30:00
ubuntucve
ubuntucve
CVE-2010-0012
2010-01-08 00:00:00
osv
osv
transmission - directory traversal
2010-01-07 00:00:00
debiancve
debiancve
CVE-2010-0012
2010-01-08 17:30:00
ubuntu
ubuntu
Transmission vulnerabilities
2010-01-18 00:00:00
suse
suse
remote code execution in acroread
2010-01-26 16:40:23