|
Kazaa and FastTrack P2P Network Client Buffer Overflow Vulnerability
|
|
Secunia Advisory:
|
SA8868
|
|
|
Release Date:
|
2003-05-28
|
|
Popularity:
|
15,067 views
|
|
|
Critical:
|
 Highly critical
|
|
Impact:
|
DoS System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | FastTrack P2P Grokster 1.x iMesh 3.x Kazaa 1.x Kazaa 2.x
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
Description: A vulnerability has been identified in FastTrack, the technology behind Kazaa, Grokster, iMesh and possibly other P2P (peer-to-peer) network clients. The vulnerability could be exploited to cause a Denial of Service on the so called supernodes and potentially also compromise of these.
Explanation: Supernodes are clients that have a high uptime, large bandwidth, a public IP address, powerful CPU and a large amount of RAM. Supernodes keep tracks of other supernodes and of clients that are logged onto the network.
Facts: There is about 3 million supernodes, which each serves up to 300 "ordinary" clients.
Any user of a P2P client, which is based upon FastTrack, could unknowingly become a supernode (this is not necessarily true for all kinds of client software, as it may require user acceptance).
The problem is that the client acting as a supernode accepts incoming requests with information about other supernodes. The packets sent to the supernode may only contain information about 200 other supernodes. If the packet contains information about 203 or more supernodes, it may overflow the allocated buffer. This causes the supernode to crash.
It has also been reported, that this could be exploited to execute arbitrary code on the supernode with a 50% success ratio. This, however, has not been confirmed.
This vulnerability could be exploited to lay down all P2P networks based upon FastTrack.
If it is possible to execute arbitrary code on the vulnerable supernodes, then this vulnerability could be exploited by a worm or virus.
Solution: An updated version of Kazaa (2.1.1) has been released:
http://www.kazaa.com/us/products/downloadKMD.htm
Do not use P2P software on corporate networks, as it in general poses a significant security risk. Never use P2P software on systems containing sensitive data.
Provided and/or discovered by: random nut
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
10th Oct, 2008
|
New advisories:
|
15 |
|
New vulnerabilities:
|
83 |
|
Updated advisories:
|
41 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Solutions | More...
|
|