uTorrent and BitTorrent File Handling Remote Buffer Overflow Vulnerability
BID:30653
Info
| Bugtraq ID: | 30653 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2008-4434 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 11 2008 12:00AM |
| Updated: | Nov 20 2008 07:34PM |
| Credit: | Rhys Kidd |
| Vulnerable: | uTorrent uTorrent 1.7.7 (build 8179); BitTorrent BitTorrent 6.0.3 (build 8642) |
| Not Vulnerable: | |
Discussion
uTorrent and BitTorrent are prone to a remote buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
Successful exploits allow remote attackers to execute arbitrary machine code in the context of a vulnerable application. Failed exploit attempts will likely result in denial-of-service conditions.
uTorrent 1.7.7 (build 8179) and BitTorrent 6.0.3 (build 8642) are vulnerable; other versions may also be affected.
Exploit / POC
To exploit this issue, an attacker must entice an unsuspecting user to view a maliciously crafted '.torrent' file.
Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.
The following exploit code is available:
Solution / Fix
Solution:
Reports indicate that this issue was silently fixed by the vendor in uTorrent 1.8.0, but Symantec was unable to confirm this information.
If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
References:
- BitTorrent Homepage (BitTorrent)
- Unicode Stack Overflow in µTorrent / Bittorrent Mainline Client (Rhys Kidd)
- uTorrent Homepage (uTorrent)