Also affects the official BitTorrent client server.
Rhys Kidd of Insecure.org’s "Dailydave" is reporting the recent discovery of "vulnerable uTorrent code" that affects both uTorrent as well as the official BitTorrent client server.
"A vulnerability has been discovered in BitTorrent, which potentially can be exploited by malicious people to compromise a user’s system," reads a security warning.
The exploit is confirmed in uTorrent version 1.7.7 (build 8179), but is solved by simply updating to version 1.8 stable, which was just released.
It’s also confirmed in the official BitTorrent version 6.0.3 (build 8642), but the only solution far is to refrain from opening untrusted ".torrent" files.
"The vulnerability is caused due to a boundary error in the processing of ‘.torrent’ files," continues the security warning. "This can be exploited to cause a stack-based buffer overflow by tricking the user into opening a ".torrent" file containing an overly long ‘created by’ field."
Successful exploitation of the vulnerability may allow malicious users to inject arbitrary code.
Related Posts
- ‘Highly critical’ Linux flaw patches
- uTorrent 1.7.7 Stable Released
- New Windows Vulnerability: Microsoft Urges Customers To Install New Patch
- uTorrent exploit revealed
- Apple fixes critical iTunes bug
Loading ...
Makes me wonder who are these malicious users that do inject arbitary code and what would they actually gain from doing this.
Remember the wanker that was dropping viruses on filesharing PCs? probably more of that jazz…
Do people like this who waste their lives doing these retarded things actually have a day job or any useful purpose?… why do they make me think about parasites…like nits or some kind of fungal infection? = S