P2P: LimeWire Directory Transversal
This signature detects an attempt to exploit a known vulnerability affecting the LimeWire application. A successful attack can cause a LimeWire client to disclose the content of any file on the host system.
Extended Description
Multiple remote unauthorized access vulnerabilities affect Lime Wire. These issues are due to the application failing to securely service malicious requests. Two issues have been reported; both issues are due to a failure of the application to ensure that file requests for files outside of the application's shared directory are denied. An attacker may leverage these issues to gain access to potentially sensitive files with the permissions of the unsuspecting user that activated the affected application.
Affected Products
Lime_wire_llc lime_wire
References
CVE: CVE-2005-0789
Short Name
P2P:GNUTELLA:LIMEWIRE-DIR-TRANS
Severity
Warning
Recommended
False
Recommended Action
None
Category
P2P
Keywords
CVE-2005-0789 Directory LimeWire Transversal
Release Date
09/01/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
TCP/6346
False Positive
Unknown
Vendors
Lime_wire_llc
CVSS Score
5.0