Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
CVE ID: | CVE-2000-0412 |
Description: | The gnapster and knapster clients for Napster do not properly restrict access only to MP3 files, which allows remote attackers to read arbitrary files from the client by specifying the full pathname for the file. |
Test IDs: | 1.3.6.1.4.1.25623.1.0.10408 |
Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2000-0412 BugTraq ID: 1186 http://www.securityfocus.com/bid/1186 Bugtraq: 20000510 Gnapster Vulnerability Compromises User-readable Files (Google Search) http://archives.neohapsis.com/archives/bugtraq/2000-05/0127.html Bugtraq: 20000510 KNapster Vulnerability Compromises User-readable Files (Google Search) http://archives.neohapsis.com/archives/bugtraq/2000-05/0124.html FreeBSD Security Advisory: FreeBSD-SA-00:18 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:18-gnapster.adv XForce ISS Database: gnapster-view-files |