FreeBSD : ktorrent -- multiple vulnerabilities (73f53712-d028-11db-8c07-0211d85f11fb)
High Nessus Plugin ID 24797
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionTwo problems have been found in KTorrent :
- KTorrent does not properly sanitize file names to filter out '..' components, so it's possible for an attacker to create a malicious torrent in order to overwrite arbitrary files within the filesystem.
- Messages with invalid chunk indexes aren't rejected.
SolutionUpdate the affected packages.