CVE-2008-5905

N/A Unknown

Published: January 15, 2009 Modified: April 23, 2026

Description

The web interface plugin in KTorrent before 3.1.4 allows remote attackers to bypass intended access restrictions and upload arbitrary torrent files, and trigger the start of downloads and seeding, via a crafted HTTP POST request.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504178

Source: cve@mitre.org

http://ktorrent.org/?q=node/23

Source: cve@mitre.org

Vendor Advisory

http://openwall.com/lists/oss-security/2009/01/08/1

Source: cve@mitre.org

http://secunia.com/advisories/32442

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/32447

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/33675

Source: cve@mitre.org

http://secunia.com/advisories/34003

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200902-05.xml

Source: cve@mitre.org

http://www.securityfocus.com/bid/31927

Source: cve@mitre.org

http://www.ubuntu.com/usn/USN-711-1

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/2911

Source: cve@mitre.org

https://bugs.gentoo.org/show_bug.cgi?id=244741

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/46117

Source: cve@mitre.org

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504178