4.0.6

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

free-peers

NVD

Published: 2002-12-31

Updated: 2008-09-05

Summary

Directory traversal vulnerability in BearShare 4.0.5 and 4.0.6 allows remote attackers to read files outside of the web root by hex-encoding the "/" (forward slash) or "." (dot) characters.

Vulnerable Configurations

Part	Description	Count
Application	Free_Peers Free Peers Bearshare 4.0.5 Free Peers Bearshare 4.0.6	2

References

http://online.securityfocus.com/archive/1/294078
http://www.iss.net/security_center/static/10240.php
http://www.securityfocus.com/bid/5888