LimeWire < 4.8.0 Directory Traversal Arbitrary File Access
Medium Nessus Network Monitor Plugin ID 2710
SynopsisThe remote client is vulnerable to an arbitrary file download flaw.
DescriptionThe remote host is running LimeWire, a Gnutella client used for peer-to-peer file sharing. The host is running a version of Limewire that is vulnerable to a remote exploit via a parsing error. An attacker exploiting this flaw would pass the client a specially formatted request which, when processed, would give the attacker the ability to download any file on the Gnutella client.
SolutionUpgrade to version 4.8.0 or higher.