CVE-2007-5714

Gentoo mldonkey_ebuild < 2.9.0 - Improper Authentication via Default Empty Password

Title source: llm
STIX 2.1

Description

The Gentoo ebuild of MLDonkey before 2.9.0-r3 has a p2p user account with an empty default password and valid login shell, which might allow remote attackers to obtain login access and execute arbitrary code.

References (2)

Core 2
Core References
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200710-25.xml
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27366

Scores

EPSS 0.0135
EPSS Percentile 80.3%

Details

CWE
CWE-287
Status published
Products (1)
gentoo/mldonkey_ebuild < 2.9.0
Published Oct 30, 2007
Tracked Since Feb 18, 2026