Gentoo Linux Security Advisory GLSA 200903-36 – A vulnerability in the MLDonkey web interface allows remote attackers to disclose arbitrary files. Michael Peselnik reported that src/utils/lib/url.ml in the web interface of MLDonkey does not handle file names with leading double slashes properly. Versions less than 3.0.0 are affected.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/75993/glsa-200903-36.txt
Source: https://packetstormsecurity.com/files/75993/Gentoo-Linux-Security-Advisory-200903-36.html