Summary: | net-p2p/bittorrent: Web interface DoS (CVE-2008-7166) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Alex Legler (RETIRED) <a3li> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED OBSOLETE | ||
Severity: | minor | CC: | esigra, net-p2p |
Priority: | High | Keywords: | PMASKED |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://secunia.com/advisories/28695/2/ | ||
Whiteboard: | B3 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Alex Legler (RETIRED)
2009-09-06 09:38:39 UTC
Filed as UNCO as it up to date only the Windows version has been proven vulnerable. No patch available atm. We don't even have this version in the tree. The original advisory says: Versions: BitTorrent <= 6.0.1 (build 7859) http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-7166 says that 4.4.0 is affected. @maintainers: I think it's necessary to bump to >6.0.1, no patch/workaround seems to be available. Still unclear whether this is windows-only. removed from the tree net-p2p/bittorrent removed from tree months ago per previous comment closing as package is no longer in tree |