Shareaza P2P Remote Vulnerability

From: Ryan Smith <whatstheaddress@xxxxxxxxx>
Date: Fri, 27 Jan 2006 06:45:46 -0600

Abstract:
There is a vulnerability present in the latest version of the Shareaza
P2P file trading software. At a minimum, this vulnerability would
easily allow parties (RIAA) to disrupt P2P services. Remote code
execution is also possible.

Products affected:
Shareaza
eTomi

Vulnerability Impact:
Remote Code Execution

Credit:
Ryan Smith (whatstheaddress@xxxxxxxxx)

Advisory:
http://www.hustlelabs.com/shareaza_advisory.pdf

Prev by Date: CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]
Next by Date: [ MDKSA-2006:024 ] - Updated ImageMagick packages fix vulnerabilities
Previous by thread: CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]
Next by thread: [ MDKSA-2006:024 ] - Updated ImageMagick packages fix vulnerabilities
Index(es):
- Date
- Thread

Relevant Pages

RE: Microsoft Security Bulletins for August 2008
... MS08-042 - Vulnerability in Microsoft Word Could Allow Remote Code Execution ...
(microsoft.public.windowsupdate)
Microsoft Security Bulletin (Critical 3, Important 4, Moderate 2)
... Individual Bulletins: ... Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution ... Vulnerability in the Client Services for Netware Could Allow Remote Code ...
(alt.computer.security)
Re: Microsoft Update KB896423
... Vulnerability in Print Spooler Service Could Allow Remote Code Execution ...
(microsoft.public.windowsxp.hardware)
Re: MS05-002 on 9x and ME
... Not too eager to reinstall ... as a fix for when a "Vulnerability in Cursor and Icon Format Handling ... Could Allow Remote Code Execution". ...
(microsoft.public.security)
RE: [Full-disclosure] Shareaza Remote Vulnerability
... > There is a vulnerability in the current version of Shareaza, ... > a P2P file sharing product. ... > These vulnerabilities were discovered and researched by Ryan Smith. ...
(Full-Disclosure)