bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/multiple/remote/8097.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

14 lines
No EOL
501 B
Text
Raw Permalink Blame History

MLdonkey (up to 2.9.7) has a vulnerability that allows remote user to access any
file with rights of running Mldonkey daemon by supplying a
special-crafted request (ok, there's not much special about double
slash) to an Mldonkey http GUI (tcp/4080 usually).
Reference:
https://savannah.nongnu.org/bugs/?25667
Thus, the exploit would be as simple as accessing any file on a remote
host with your browser and double slash:
http://mlhost:4080//etc/passwd
# milw0rm.com [2009-02-23]
Reference in a new issue View git blame Copy permalink