CVE-2007-5714

Gentoo Mldonkey Ebuild < 2.9.0 - Authentication Bypass

Title source: rule

Description

The Gentoo ebuild of MLDonkey before 2.9.0-r3 has a p2p user account with an empty default password and valid login shell, which might allow remote attackers to obtain login access and execute arbitrary code.

References (2)

[Third Party Advisory] http://security.gentoo.org/glsa/glsa-200710-25.xml

[Third Party Advisory] http://secunia.com/advisories/27366

Scores

EPSS 0.0135

EPSS Percentile 79.9%

Classification

CWE

CWE-287

Status draft

Affected Products (1)

gentoo/mldonkey_ebuild < 2.9.0

Timeline

Published Oct 30, 2007

Tracked Since Feb 18, 2026