MidnightBSD

Advisories for free_peers

CVE-2001-0368 MEDIUM

Directory traversal vulnerability in BearShare 2.2.2 and earlier allows a remote attacker to read certain files via a URL containing a series of . characters, a variation of the .. (dot dot) attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
free_peers bearshare 2.2.1
free_peers bearshare *
free_peers bearshare 2.2
CVE-2002-2144 MEDIUM

Directory traversal vulnerability in BearShare 4.0.5 and 4.0.6 allows remote attackers to read files outside of the web root by hex-encoding the "/" (forward slash) or "." (dot) characters.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
free_peers bearshare 4.0.6
free_peers bearshare 4.0.5