[ insider_reports_insider ]
BitTorrent Clients Suffer Overflow Flaw
David Utter
Staff Writer
2008-08-14
 Insider Reports RSS Feed
Software clients from BitTorrent and uTorrent contain critical vulnerabilities that could permit remote code execution.
 | | BitTorrent Clients Suffer Overflow Flaw |  |
The BitTorrent protocol permit fast sharing of files through a peer to peer process. Since people use it to move copyrighted material as well as works not restricted that way, the usage of P2P continues to be controversial.
Security matters about the protocol are anything but controversial. When there is a flaw, someone will try to exploit it, and the popular appeal of BitTorrent makes it likely such an attempt could affect a lot of people.
That makes the report out of security issue tracker Secunia, which said a stack based buffer overflow could be triggered by opening a .torrent file with an overly long "created by" field. The use of uTorrent's code in the BitTorrent client makes it vulnerable in similar fashion.
Users of uTorrent can upgrade to the 1.8 RC7 version to eliminate the problem. The BitTorrent client has no solution or workaround available other than to avoid opening untrusted .torrent files.
It's not news, it's MSNBC spam: If MSNBC felt left out while all of that fake CNN spam hit inboxes everywhere, they can stop worrying. Junk messages leading people to a phony CNN video codec, actually a disguised Trojan file, now have a copycat MSNBC version in circulation.
PandaLabs said on their blog they witnessed MSNBC Breaking News spam leading people to the same fake CNN file. The security vendor said they expect to see more copycat spam in other variations hit the Internet in coming days.
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
