gnut gnutella client html injectionFrom: firstname.lastname@example.org
- Previous message: Keith Stevenson: "Re: ISS Advisory: Remote Buffer Overflow Vulnerability in BSD Line Printer Daemon"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 31 Aug 2001 01:35:30 +0200 From: email@example.com To: firstname.lastname@example.org Subject: gnut gnutella client html injection Message-ID: <20010831013530.A5226@spartakus.turithil.org>
I recently discovered a bug in gnut, a console/www Gnutella client for Linux
and Windows, that allows the injection of html code in the Search Result Page
of the Webfrontend.
This is done by sharing a file with html tags embedded.
test<HR>.mp3 for example
The html code will be displayed in the browser of every gnut webfrontend user,
who gets that file as a search result.
The risk is increased by the fact that the webfrontend is often run from
localhost, thus circumventing many browser security policies/settings.
localhost, while not doing so for remote hosts in general.
I contacted the author, who responded and addressed the problem quickly.
The most recent version of gnut, 0.4.27, has already been patched as I write
It is available here:
- application/pgp-signature attachment: stored