Your Ad Here Your Ad Here
Page 1 of 3 123 LastLast
Results 1 to 10 of 27

Thread: Critical vulnerability discovered in uTorrent

  1. #1
    Nemrod's Avatar Buffering my life BT Rep: +45BT Rep +45BT Rep +45BT Rep +45BT Rep +45BT Rep +45BT Rep +45BT Rep +45BT Rep +45
    Join Date
    Oct 2007
    Age
    38
    Posts
    1,562

    Urgent

    Critical Vulnerability Discovered in uTorrent


    A vulnerability described as ‘critical’ has been discovered in versions of uTorrent and the official BitTorrent client. The ‘buffer overflow’ vulnerability can be exploited to compromise a user’s computer for the execution of arbitrary code. It is suggested that users should immediately update to uTorrent version 1.8 RC7 or higher. There is currently no fix for the official client.

    Secunia has issued two urgent security alerts, one for uTorrent and the other for the official BitTorrent client. Both clients are being developed by BitTorrent Inc.
    The vulnerability was found in uTorrent and can be maliciously exploited to compromise a user’s computer, however, it also affects the official BitTorrent client since it’s based on the uTorrent code.
    According to Secunia, “the vulnerability is caused due to a boundary error in the processing of .torrent files. This can be exploited to cause a stack-based buffer overflow by tricking the user into opening a .torrent file containing an overly long ‘created by’ field”.
    A successful execution of the exploit would allow the attacker to run arbitrary code on the victim’s machine.
    The vulnerability exists in uTorrent version 1.7.7 (Build 8179) and may well affect earlier versions too, although this isn’t yet confirmed. The flaw is also present in the official BitTorrent client, versions 6.xx.
    The solution for uTorrent users is to immediately upgrade to version 1.8. Currently there is no solution for those using the official client so caution is advised when using unverified torrents.






    Source: TorrentFreak








  2. BitTorrent   -   #2
    SgtMajor's Avatar Shut up u Lovely Boi BT Rep: +100BT Rep +100BT Rep +100BT Rep +100BT Rep +100BT Rep +100BT Rep +100BT Rep +100BT Rep +100BT Rep +100BT Rep +100BT Rep +100BT Rep +100BT Rep +100BT Rep +100BT Rep +100BT Rep +100BT Rep +100BT Rep +100BT Rep +100
    Join Date
    Feb 2004
    Posts
    5,286
    I recall they announced all this when 1.7 came out and we were all advised to upgrade from our beloved 1.6.1.

    Some trackers went into a wet frenzy and within a week we were all confused and had to run different version of utorrent for different trackers.

    Seems like a case of "forced upgrade" again?
    Yes Sir, I'm Right On It!!

  3. BitTorrent   -   #3
    yea right , the vulnerability was waiting to be discovered until 1.8 went gold .this is what they said when utorrent 1.7 was released , ditch 1.6 A.S.A.P blah blah

    edit : major we think alike ?
    wear a condom all the time , yes at all times

  4. BitTorrent   -   #4
    Nemrod's Avatar Buffering my life BT Rep: +45BT Rep +45BT Rep +45BT Rep +45BT Rep +45BT Rep +45BT Rep +45BT Rep +45BT Rep +45
    Join Date
    Oct 2007
    Age
    38
    Posts
    1,562
    Quote Originally Posted by SgtMajor View Post
    I recall they announced all this when 1.7 came out and we were all advised to upgrade from our beloved 1.6.1.

    Some trackers went into a wet frenzy and within a week we were all confused and had to run different version of utorrent for different trackers.

    Seems like a case of "forced upgrade" again?

    That was my first thought too.

    I´d like to hear what some staff have to say. I don´t want to pass by that calvary again.








  5. BitTorrent   -   #5
    BANNED BT Rep: +25BT Rep +25BT Rep +25BT Rep +25BT Rep +25
    Join Date
    Jan 2008
    Posts
    1,433
    Scam Cohen et. al. forcing you PC users to upgrade again eh?

    Transmission ftw!

  6. BitTorrent   -   #6
    I dont see the big deal for people who use private trackers. Not like a malformed torrent would go unnoticed for long, and the uploader would be ban'd. Good to update for all you public tracker users though.

  7. BitTorrent   -   #7
    BANNED BT Rep: +20BT Rep +20BT Rep +20BT Rep +20
    Join Date
    May 2007
    Posts
    1,638
    /me facepalms..

    Here we go again...

  8. BitTorrent   -   #8
    SenorBubbz's Avatar /¨_¨°.-.§.-.°¨_¨\ BT Rep: +35BT Rep +35BT Rep +35BT Rep +35BT Rep +35BT Rep +35BT Rep +35
    Join Date
    Jan 2008
    Location
    localhost
    Posts
    1,246
    Quote Originally Posted by SgtMajor View Post
    I recall they announced all this when 1.7 came out and we were all advised to upgrade from our beloved 1.6.1.

    Some trackers went into a wet frenzy and within a week we were all confused and had to run different version of utorrent for different trackers.

    Seems like a case of "forced upgrade" again?
    Dead on.

    I now have a sinking feeling in my stomach about the people who "found" this vulnerability.
    o hai

  9. BitTorrent   -   #9
    Sylar666's Avatar Kingpin BT Rep: +45BT Rep +45BT Rep +45BT Rep +45BT Rep +45BT Rep +45BT Rep +45BT Rep +45BT Rep +45
    Join Date
    May 2007
    Location
    Hungary
    Posts
    1,645
    Same old story. How about the new 1.8 , anyway? I've been using it for a while - so far nice and dandy.
    A malis vituperari laus est.

  10. BitTorrent   -   #10
    Cabalo's Avatar FileSharingTalker BT Rep: +24BT Rep +24BT Rep +24BT Rep +24BT Rep +24
    Join Date
    Mar 2007
    Location
    European Union
    Age
    41
    Posts
    12,718
    thank god i ditched utorrent some time ago...

Page 1 of 3 123 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •