aMule Information Disclosure Vulnerability
SECUNIA ADVISORY ID:
Exposure of system information, Exposure of sensitive information
A vulnerability has been reported in aMule, which can be exploited by
malicious people and by malicious users to disclose potentially
Input passed to unspecified parameters in the URL to aMuleWeb is not
properly sanitised before being used. This can be exploited by
unauthenticated users to gain access to any image files, or by
authenticated users to gain access to html and PHP files on the
Successful exploitation requires that the full pathname of the file
The vulnerability has been reported in versions prior to 2.1.2.
Update to version 2.1.2.