Full Disclosure mailing list archives

Re: Peers static overflow in BitTorrent 6.0 and uTorrent 1.7.5

From: Luigi Auriemma <aluigi () autistici org>
Date: Fri, 25 Jan 2008 20:42:50 +0100


Secunia has made additional research on the vulnerability I reported a
week ago about the buffer-overflow in uTorrent and has found that remote
code execution is possible.

That's important moreover because in the moment I'm writing there are
still tons of people which use the 1.7.5 or other vulnerables 1.7.x
versions of uTorrent.

Then some days ago has been released BitTorrent 6.0.1 which fixes the
vulnerability in this client too.


--- 
Luigi Auriemma
http://aluigi.org

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Peers static overflow in BitTorrent 6.0 and uTorrent 1.7.5 Luigi Auriemma (Jan 16)
- <Possible follow-ups>
- Re: Peers static overflow in BitTorrent 6.0 and uTorrent 1.7.5 Luigi Auriemma (Jan 25)