Slyck.com
 
Slyck Chatbox - And More

Kazaa Highly Critical Security Vulnerability

Discussions about the FastTrack network and any clients that connect to it
Forum rules
PLEASE READ BEFORE POSTING: Slyck Forum Rules

Kazaa Highly Critical Security Vulnerability

Postby SharedHolder » Sat Sep 04, 2004 12:34 pm

ImageA vulnerability in the Altnet Download Manager included in Kazaa has been reported by CelebrityHacker. The vulnerability is caused due to a boundary error within the "IsValidFile()" method in the ADM ActiveX control. This can be exploited to cause a stack-based buffer overflow via e.g. a malicious web site by passing an overly long string to the "bstrFilepath" parameter. In short, an attacker can execute arbritary code if seccessful. The vulnerability has been confirmed in Altnet Download Manager 4.0.0.4 included in Kazaa 2.7.1. Other versions may also be affected. The cure, according to Secunia, is to remove the Altnet Download Manager ("adm.exe") or uninstall Kazaa.

Source :
http://www.flexbeta.net/main/comments.p ... wnews=9102

Secunia :
http://secunia.com/advisories/12455/
User avatar
SharedHolder
 
Posts: 165
Joined: Mon Jan 05, 2004 8:23 am

Postby notbob » Sat Sep 04, 2004 12:38 pm

gaining control of millions of computers could be considered useful by some...
notbob
 
Posts: 1174
Joined: Mon Nov 10, 2003 8:27 pm


Return to FastTrack/Kazaa

Who is online

Users browsing this forum: No registered users and 2 guests

cron
© 2001-2008 Slyck.com