| Summary: | net-p2p/bittorrent Unicode Client info Remote DoS (CVE-2008-0364) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Robert Buchholz (RETIRED) <rbu> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED INVALID | ||
| Severity: | normal | CC: | net-p2p |
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://www.securityfocus.com/archive/1/archive/1/486426/100/0/threaded | ||
| Whiteboard: | B4 [upstream?] | ||
| Package list: | Runtime testing required: | --- | |
|
Description
Robert Buchholz (RETIRED)
2008-02-12 18:09:08 UTC
The advisory and CVE entry states versions prior to 6.0 (including our 5.0.9) might also be affected. I could not reproduce this issue with the exploits included with the advisory. Net-p2p, have you heard anything from upstream about this? Can you reproduce (maybe on x86)? "on Windows allows remote attackers to cause a denial of service" Windows only? Oh well, bittorrent-6.0 is based on utorrent, and this looks like its from utorrent, so the linux version(at least 5.0.x) is not affected. I understood that that "on Windows" part was related to utorrent, which is only available on Windows. Luigis's advisory states: "Mac and Linux (both available only on BitTorrent) have not been tested". I can't reproduce this here, maybe you can confirm this, too? (In reply to comment #3) > Oh well, bittorrent-6.0 is based on utorrent, and this looks like its from > utorrent, so the linux version(at least 5.0.x) is not affected. Ok, thanks for the clarification. |