Hopefully admins will do a little research before banning 1.6.1...
http://forum.utorrent.com/viewtopic....298736#p298736
http://torrentfreak.com/bittorrent-c...comment-267207
I've spent some time looking into this issue.
The POC code on milw0rm relies on creating a malicious torrent file which the uT user opens. On any sites without public uploads, or those that clean the uploaded torrents, there is no real problem.
Another issue mentioned on torrentfreak recently revolves around an overflow bug in extended messaging.
When an attacker sends a long enough string for version info, and the user views the peers tab, uT will crash.
1.6.x versions are not vulnerable to this attack, as they never display the version info obtained from extended messaging in the peers tab.
1.7.x are vulnerable.
Have not tested 1.8.x
1.6.x still has some life in it yet
hurray for 1.6 and yay for hype... and hurrah for conspiracy theories!
Also, on a sidenote;
xxxxxxx wrote:Raiders wrote:What’s the thrill of shutting uTorrent down on someone?Exactly. There is none. There are no systems to be taken over using this bug. And as for some TRUE statistics regarding this ‘problem’:
Being a co-admin of a 40000+ active members torrent community I can state that of the 79% in this community that are (still) using µTorrent 1.7.5, not one, I repeat: NOT 1 complaint about a freeze of crash of their client has been seen or reported yet. 3% has already updated (thanks to the autoupdate feature) to 1.7.6
This is all one big panic for (as far as I can see) an overhyped non-issue.
Listen up, cause I'm only telling you this once. I'm not bedtime story lady, so pay attention. The world is *screwed* now.
No celebrities, no cable TV, no water. It hasn't rained in 11 years. Now 20 people gotta squeeze inside the same bathtub - so it ain't all bad.
TL didn't ban older versions of uT, though they recommend updating. i hope they read rvt 's post as it is the only valuable post at this thread so far.
@Cabalo
Same here.
Excuse Me?
Didn't Think So!
i can also confirm rvt's claim for 1.6.x .. the new 'bug' they found doesnt affect that version....
makes u think what other fuck-ups they ve done on the 1.7 one.. if i ever used ut, now would be the time for me to switch to another client or just keep the 1.6.x ones.
u cant find that many bugs, as they've introduced, in alpha versions of software, let alone builds that are released to the general public....
Thanks man
I install whatever bitmetv tells me to as they are no fuss people and ban for negligence
1.7.6 it is then
Bookmarks