[原文]MUTE 0.4 allows remote attackers to cause a denial of service (messages not forwarded) and obtain sensitive information about a target by filling a client's mWebCache cache with malicious "zombie" nodes.
MUTE P2P MWebCache Host Selection Information Disclosure
Remote / Network Access
Loss of Confidentiality
MUTE contains an issue that may theoretically lead to an unauthorized information disclosure. The issue is triggered when a MUTE client retrieves all of its random hosts from a single MWebCache. If the MWebCache is operated by a malicious attacker and filled with malicious hosts, this may allow identification of the MUTE client and a loss of confidentiality.
Upgrade to a version higher than 0.4.1, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.