Summary: | <net-p2p/ctorrent-3.3.2-r1: Stack-based buffer overflow (CVE-2009-1759) | | |
---|---|---|---|
Product: | Gentoo Security | Reporter: | Alex Legler (RETIRED) <a3li> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | | |
Severity: | normal | CC: | net-p2p, throw_away_2002 |
Priority: | High | | |
Version: | unspecified | | |
Hardware: | All | | |
OS: | Linux | | |
URL: | http://milw0rm.com/exploits/8470 | | |
Whiteboard: | B2 [glsa] | | |
Package list: | | Runtime testing required: | --- |
Description
Alex Legler (RETIRED)
2009-04-21 08:27:04 UTC
"#Exploit tested on cTorrent 1.3.4 using Debian Sarge using Linux kernel 2.4.27-3-386
#Can't get the exploit working on a modern linux kernel because of ASLR"

We might need to investigate further on that.

CVE-2009-1759 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1759): Stack-based buffer overflow in the btFiles::BuildFromMI function (trunk/btfiles.cpp) in Enhanced CTorrent (aka dTorrent) 3.3.2 and probably earlier, and CTorrent 1.3.4, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Torrent file containing a long path.

net-p2p, ping

+*ctorrent-3.3.2-r1 (30 Aug 2010) + + 30 Aug 2010; Alex Legler <a3li@gentoo.org> +ctorrent-3.3.2-r1.ebuild, + +files/ctorrent-CVE-2009-1759.patch: + Non-maintainer commit: Revision bump to fix CVE-2009-1759, bug 266953. +

Arches, please test and mark stable:
=net-p2p/ctorrent-3.3.2-r1
Target keywords : "amd64 arm ppc s390 sh x86"

Builds and runs fine on x86. Please mark stable for x86.

x86 stable, thanks Myckel

amd64 done

Marked ppc stable.

arm/s390/sh stable

GLSA request filed.

This issue was resolved and addressed in GLSA 201311-11 at http://security.gentoo.org/glsa/glsa-201311-11.xml by GLSA coordinator Sergey Popov (pinkbyte).
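The CVE-2009-1759 description above attributes the overflow to a Torrent file containing a long path. As an added example (not part of this bug report and not ctorrent code), the following Python check decodes a .torrent file's bencoded metainfo and reports every file path at or above a length limit. `MAX_PATH` (set to Linux's PATH_MAX as an assumption, not a value from the report), `bdecode`, `overlong_paths` and `sample_torrent` are names chosen here.

```python
# Added example, not ctorrent code. MAX_PATH is an assumed limit (Linux PATH_MAX).
MAX_PATH = 4096

def bdecode(data, i=0):
    """Decode one bencoded value starting at data[i]; return (value, next_i)."""
    c = data[i:i + 1]
    if c == b"i":                                  # integer: i<digits>e
        end = data.index(b"e", i)
        return int(data[i + 1:end]), end + 1
    if c in (b"l", b"d"):                          # list or dict, closed by "e"
        items, i = [], i + 1
        while data[i:i + 1] != b"e":
            if i >= len(data):
                raise ValueError("unterminated list or dict")
            item, i = bdecode(data, i)
            items.append(item)
        if c == b"l":
            return items, i + 1
        keys = items[0::2]
        if len(items) % 2 or not all(isinstance(k, bytes) for k in keys):
            raise ValueError("malformed dict")
        return dict(zip(keys, items[1::2])), i + 1
    if c.isdigit():                                # string: <length>:<bytes>
        colon = data.index(b":", i)
        n = int(data[i:colon])
        if colon + 1 + n > len(data):
            raise ValueError("string runs past end of input")
        return data[colon + 1:colon + 1 + n], colon + 1 + n
    raise ValueError("bad bencode at offset %d" % i)

def overlong_paths(torrent, limit=MAX_PATH):
    """Return [(path, length)] for every file path of `limit` bytes or more."""
    try:
        meta, _ = bdecode(torrent)
        info = meta[b"info"]
        name = info[b"name"]
        if b"files" in info:                       # multi-file: name/dir/.../file
            paths = [b"/".join([name] + f[b"path"]) for f in info[b"files"]]
        else:                                      # single-file: name only
            paths = [name]
        return [(p, len(p)) for p in paths if len(p) >= limit]
    except (KeyError, TypeError, RecursionError) as exc:
        raise ValueError("malformed metainfo: %r" % exc)

def sample_torrent(component):
    """Constructed one-file metainfo whose path list holds `component`."""
    path = b"l%d:%se" % (len(component), component)
    return b"d4:infod5:filesld6:lengthi1e4:path" + path + b"ee4:name1:tee"
```

Python's `int()` accepts some forms that strict bencode does not, so this is a triage check on path length rather than a validator of well-formedness.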