Multiple Kazaa vulnerabilities
p2pnet.net News:- Here’s more trouble for Kazaa, Sharman Networks’ fast-fading p2p application.
Multiple remote vulnerabilities reportedly affect Kazaa’s Sig2Dat protocol functionality, says a post at Aviran’s Place, going on:
“These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it in critical actions. An attacker may leverage these issues to cause the affected application to crash, denying service to legitimate users, and to create files in arbitrary directories that are readable to the affected application.
Affected versions:
- KaZaA KaZaA Media Desktop 2.0
- KaZaA KaZaA Media Desktop 2.0.2
- KaZaA KaZaA Media Desktop 2.6.4
- KaZaA KaZaA Media Desktop 3.0
- KaZaA Lite KaZaA Lite 1.7.2
- KaZaA Lite KaZaA Lite 2.0
- KaZaA Lite KaZaA Lite 2.0.2
Something you think we should know about? tips[at]p2pnet.net
===================
See:-
more trouble – Kazaa Sig2Dat Protocol Multiple Remote Vulnerabilities, Aviran’s Place, January 21, 2005
January 24th, 2005 at 1:53 am
It’s amazing how many people are still loyal to Kazaa?????? By the way does anyone know what Kazaa stands for or why sharman picked such a screwy name??????
January 24th, 2005 at 2:20 am
Well, in the UK ”kazi’ is slang for ‘toilet’ and anyone who buys Kazaa is in effect throwing it down the bog, as well as leaving themselves open to all kinds of nasties.
So maybe …..