Re: Peers static overflow in BitTorrent 6.0 and uTorrent 1.7.5

To: bugtraq@xxxxxxxxxxxxxxxxx, bugs@xxxxxxxxxxxxxxxxxxx, news@xxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: Peers static overflow in BitTorrent 6.0 and uTorrent 1.7.5
From: Luigi Auriemma <aluigi@xxxxxxxxxxxxx>
Date: Fri, 25 Jan 2008 20:42:50 +0100
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Secunia has made additional research on the vulnerability I reported a
week ago about the buffer-overflow in uTorrent and has found that remote
code execution is possible.

That's important moreover because in the moment I'm writing there are
still tons of people which use the 1.7.5 or other vulnerables 1.7.x
versions of uTorrent.

Then some days ago has been released BitTorrent 6.0.1 which fixes the
vulnerability in this client too.


--- 
Luigi Auriemma
http://aluigi.org

Prev by Date: C4 Security Advisory - GE Fanuc Proficy Information Portal 2.6 Authentication Vulnerability
Next by Date: [ MDVSA-2008:026 ] - Updated icu packages fix vulnerabilities
Previous by thread: Peers static overflow in BitTorrent 6.0 and uTorrent 1.7.5
Next by thread: Country by Country Computer Sets now available for ISA 2004
Index(es):
- Date
- Thread