colegg
06-01-2003, 02:06 AM
On the 28th of May (03), my Antivirus supplier (Panda) sent an email to me containing the following warning (which arrives as a standard subscriber nominated newsletter). I would like some comments on this.
ZDNet has reported, at
http://news.zdnet.co.uk/story/0,,t269-s2135233,00.html, a vulnerability affecting the Kazaa and iMesh file-sharing networks.
The problem lies in the software that controls the FastTrack network used by P2P (peer to peer) applications like Kazaa and iMesh. Despite plans to release the corresponding patches very shortly and recommending that users apply them as soon as possible, the developers of these networks claim the vulnerability is not serious.
According to the original advisory, an attacker could control or crash the FastTrack "supernodes" that P2P users connect to. The problem could allow an attacker to run arbitrary code on file sharing servers and therefore affect all users of the network. For this reason, the vulnerability is considered serious.
ZDNet has reported, at
http://news.zdnet.co.uk/story/0,,t269-s2135233,00.html, a vulnerability affecting the Kazaa and iMesh file-sharing networks.
The problem lies in the software that controls the FastTrack network used by P2P (peer to peer) applications like Kazaa and iMesh. Despite plans to release the corresponding patches very shortly and recommending that users apply them as soon as possible, the developers of these networks claim the vulnerability is not serious.
According to the original advisory, an attacker could control or crash the FastTrack "supernodes" that P2P users connect to. The problem could allow an attacker to run arbitrary code on file sharing servers and therefore affect all users of the network. For this reason, the vulnerability is considered serious.