• info
• discussion
• exploit
• solution
• references

MLDonkey Country-Based IP Blocking Security Bypass Vulnerability

MLDonkey is prone to a security-bypass vulnerability due to a design error.

Users who enable country-based IP-blocking may have a false sense of security.

Attackers can exploit this issue to temporarily connect to the application using supposedly blocked IP addresses.

Versions prior to MLDonkey 2.9.0 are vulnerable.