Family: CGI abuses --> Category: infos
GNUMP3d < 2.9.6 Multiple Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for multiple vulnerabilities in GNUMP3d < 2.9.6
Detailed Explanation for this Vulnerability Test
The remote streaming server is prone to directory traversal and cross-
site scripting attacks.
The remote host is running GNUMP3d, an open-source audio / video
The installed version of GNUMP3d on the remote host suffers fails to
completely filter out directory traversal sequences from request URIs.
By leveraging this flaw, a possible hacker can read arbitrary files on the
remote subject to the rights under which the server operates. In
addition, it fails to sanitize user-supplied input to several scripts,
which can be used to launch cross-site scripting attacks against the
See also :
Upgrade to GNUMP3d 2.9.7 or later.
Medium / CVSS Base Score : 4
Click HERE for more information and discussions on this network vulnerability scan.