Kazaa Lite K++ sig2dat Request Length Parameter Overflow

2005-01-17T09:42:50
ID OSVDB:13035
Type osvdb
Reporter Rafel Ivgi
Modified 2005-01-17T09:42:50

Description

Vulnerability Description

A remote overflow exists in Kazaa Lite K++. Kazaa Lite K++ fails to check the Length parameter, resulting in an integer overflow. With a specially crafted request, an attacker can cause arbitrary code execution, resulting in a loss of integrity.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.


Manual Testing Notes

sig2dat://<filename>%7c<file length in bytes><file length in kilobytes>%7c<HASH>%7c
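
The missing check on the length field, written as a bounds-checked parser for a URI shaped like the template above. This is an added example, not code from the advisory or from Kazaa Lite K++. The names `parse_length`, `sig2dat_length` and `MAX_FILE_LEN`, the 32-bit target type, and the rule that the field starts with the decimal byte count (anything after the digits is ignored) are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed policy cap for this example; not a value from the advisory. */
#define MAX_FILE_LEN UINT32_C(0x7FFFFFFF)

/* Parse the leading decimal digits of s[0..n) as a byte count. The range
 * check runs before each multiply-add, so the accumulator never wraps. */
static int parse_length(const char *s, size_t n, uint32_t *out)
{
    uint32_t v = 0;
    size_t i;
    for (i = 0; i < n && s[i] >= '0' && s[i] <= '9'; i++) {
        uint32_t d = (uint32_t)(s[i] - '0');
        if (v > (MAX_FILE_LEN - d) / 10)
            return -1;              /* v * 10 + d would exceed the cap */
        v = v * 10 + d;
    }
    if (i == 0)
        return -1;                  /* empty, signed or non-numeric field */
    *out = v;
    return 0;
}

/* Extract the length from sig2dat://<filename>%7c<length...>%7c<HASH>%7c.
 * Only the lowercase "%7c" separator shown in the template is matched. */
int sig2dat_length(const char *uri, uint32_t *out)
{
    static const char scheme[] = "sig2dat://";
    const char *start, *end;
    if (strncmp(uri, scheme, sizeof scheme - 1) != 0)
        return -1;
    start = strstr(uri + sizeof scheme - 1, "%7c");
    if (start == NULL)
        return -1;
    start += 3;
    end = strstr(start, "%7c");
    if (end == NULL)
        return -1;
    return parse_length(start, (size_t)(end - start), out);
}

int main(void)
{
    uint32_t len;   /* URI below is constructed sample input */
    if (sig2dat_length("sig2dat://example.bin%7c1048576%7cHASH%7c", &len) == 0)
        printf("length = %lu bytes\n", (unsigned long)len);
    return 0;
}
```

A caller should treat a return of -1 as a malformed request and drop it before any buffer is sized from the value.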

References:

Security Tracker: 1012920
Secunia Advisory ID: 13879
Related OSVDB ID: 13036
Other Advisory URL: http://theinsider.deep-ice.com/texts/advisory70.txt