CVE Vulnerabilities

CVE-2006-6331

Published: Dec 06, 2006 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6 MEDIUM
AV:N/AC:M/Au:S/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

metaInfo.php in TorrentFlux 2.2, when $cfg[enable_file_priority] is false, allows remote attackers to execute arbitrary commands via shell metacharacters (backticks) in the torrent parameter to (1) details.php and (2) startpop.php.

Affected Software

Name Vendor Start Version End Version
Torrentflux Torrentflux 2.2 2.2
Torrentflux Ubuntu devel *
Torrentflux Ubuntu edgy *
Torrentflux Ubuntu feisty *
Torrentflux Ubuntu gutsy *

References