RSS
Home > News > uTorrent “Highly Critical” Vulnerability Discovered
Aug 13 2008

uTorrent “Highly Critical” Vulnerability Discovered

  • Written by soulxtc
  • 3 Comments


Also affects the official BitTorrent client server.

Rhys Kidd of Insecure.org’s "Dailydave" is reporting the recent discovery of "vulnerable uTorrent code" that affects both uTorrent as well as the official BitTorrent client server.

"A vulnerability has been discovered in BitTorrent, which potentially can be exploited by malicious people to compromise a user’s system," reads a security warning.

The exploit is confirmed in uTorrent version 1.7.7 (build 8179), but is solved by simply updating to version 1.8 stable, which was just released.

It’s also confirmed in the official BitTorrent version 6.0.3 (build 8642), but the only solution far is to refrain from opening untrusted ".torrent" files.

"The vulnerability is caused due to a boundary error in the processing of ‘.torrent’ files," continues the security warning. "This can be exploited to cause a stack-based buffer overflow by tricking the user into opening a ".torrent" file containing an overly long ‘created by’ field."

Successful exploitation of the vulnerability may allow malicious users to inject arbitrary code.

Related Posts

  1. ‘Highly critical’ Linux flaw patches
  2. uTorrent 1.7.7 Stable Released
  3. New Windows Vulnerability: Microsoft Urges Customers To Install New Patch
  4. uTorrent exploit revealed
  5. Apple fixes critical iTunes bug
Zeropaid on Facebook

This website uses IntenseDebate comments, but they are not currently loaded because either your browser doesn't support JavaScript, or they didn't load fast enough.

Comments

  1. Petrena - August 13, 2008 at 9:39 am

    Makes me wonder who are these malicious users that do inject arbitary code and what would they actually gain from doing this.

    Reply
  2. Mord_Sith - August 13, 2008 at 5:56 pm

    Remember the wanker that was dropping viruses on filesharing PCs? probably more of that jazz…

    Reply
  3. TheRealMcCoy - August 16, 2008 at 5:45 am

    Do people like this who waste their lives doing these retarded things actually have a day job or any useful purpose?… why do they make me think about parasites…like nits or some kind of fungal infection? = S

    Reply
Trackbacks url:

Leave a Comment...

Giganews Newsgroups


1 Star2 Stars3 Stars4 Stars5 Stars
(1 votes, average: 4.00 out of 5) Loading ... Loading ...

  • streamOG: SoulXTC, Actually DRM is about content owners doing what they can to enforce their copyrights as much as they can. Fo...
  • soulxtc: No single thing has killed the music industry. DRM is simply part of its pattern of ignoring consumers. Also, DRM fo...
  • streamOG: Jared, Apple only did that so they could extend their customer base out beyond the iPod. It had absolutely zero to do...
  • methylated: Number one tool for searching rare music. Nothing comes close. There are two servers now, so download both of the cli...
  • zeropaid: Sure, except Apple started with DRM on everything, recognized their mistake, removed DRM from audio tracks: http://www....
  • streamOG: Jared, DRM didn't kill the music industry any more than it made the movie/video industry. You can't say con...
  • soulxtc: Exactly. The only way to fight P2P is to inspect each and every data packet. If I have to choose between totalitarianism...
  • Victim of PirateBay: lol PirateBay SUCKS you go to thier website and all of a sudden you are attacked with viruses and spyware. Anyone that l...
    • sdsd