Winny File Transfer Heap Overflow Vulnerability
BID:17666
Info
Winny File Transfer Heap Overflow Vulnerability
| Bugtraq ID: | 17666 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 24 2006 12:00AM |
| Updated: | Apr 24 2006 09:16PM |
| Credit: | Discovered by Yuji Ukai. |
| Vulnerable: |
Winny Winny 2.0 b5.7 Winny Winny 2.0b7.1 |
| Not Vulnerable: | |
Discussion
Winny File Transfer Heap Overflow Vulnerability
Winny is prone to a heap-overflow vulnerability. This issue is due to improper boundary checks on data supplied to the file-transfer port. An attacker could exploit this to execute arbitrary code in the context of the user that launched the application.
Winny 2.0 b7.1 and earlier are vulnerable.
Winny is prone to a heap-overflow vulnerability. This issue is due to improper boundary checks on data supplied to the file-transfer port. An attacker could exploit this to execute arbitrary code in the context of the user that launched the application.
Winny 2.0 b7.1 and earlier are vulnerable.
Exploit / POC
Winny File Transfer Heap Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution / Fix
Winny File Transfer Heap Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
References
Winny File Transfer Heap Overflow Vulnerability
References:
References:
- JVN#74294680 - Winny (JPCERT)
- Winny Remote Buffer Overflow Vulnerability (eEye)