Torrent Swarm Poisoning

=== Credits === Written by Burningmace. Thanks to Blindkilla for helping me out. === Introduction === The BitTorrent protocol identifies peers using a tracker. Each peer announces itself to the tracker via HTTP. Certain parameters in the announce request itself can be altered in order to fake the...

[SECURITY] Fedora 10 Update: aria2-1.3.1-2.fc10

aria2 is a download utility with resuming and segmented downloading. Supported protocols are HTTP/HTTPS/FTP/BitTorrent. It also supports Metalink version 3.0. Currently it has following features: - HTTP/HTTPS GET support - HTTP Proxy support - HTTP BASIC authentication support - HTTP Proxy...

CVE-2008-7166

Buffer overflow in the web interface in BitTorrent 6.0.1 build 7859 and earlier, and uTorrent 1.7.6 build 7859 and earlier, allows remote attackers to cause a denial of service memory consumption and crash via a crafted Range header. NOTE: this is probably a different vulnerability than...

Buffer overflow

Buffer overflow in the web interface in BitTorrent 6.0.1 build 7859 and earlier, and uTorrent 1.7.6 build 7859 and earlier, allows remote attackers to cause a denial of service memory consumption and crash via a crafted Range header. NOTE: this is probably a different vulnerability than...

CVE-2008-7166

CVE-2008-7166 : A buffer overflow in the web interface of BitTorrent 6.0.1 (build 7859) and earlier, and uTorrent 1.7.6 (build 7859) and earlier, can be triggered by a crafted Range header to cause a denial of service (memory consumption and crash). Red Hat and NVD references confirm the same imp...

CVE-2008-7166

Buffer overflow in the web interface in BitTorrent 6.0.1 build 7859 and earlier, and uTorrent 1.7.6 build 7859 and earlier, allows remote attackers to cause a denial of service memory consumption and crash via a crafted Range header. NOTE: this is probably a different vulnerability than...

[SECURITY] Fedora 10 Update: ctorrent-1.3.4-7.dnh3.3.2.fc10

Enhanced CTorrent is a BitTorrent client for unix-like environments. High performance with minimal system resources and dependencies are a priority...

[SECURITY] Fedora 11 Update: ctorrent-1.3.4-10.dnh3.3.2.fc11

Enhanced CTorrent is a BitTorrent client for unix-like environments. High performance with minimal system resources and dependencies are a priority...

GLSA-200907-14 : Rasterbar libtorrent: Directory traversal

The remote host is affected by the vulnerability described in GLSA-200907-14 Rasterbar libtorrent: Directory traversal census reported a directory traversal vulnerability in src/torrentinfo.cpp that can be triggered via .torrent files. Impact : A remote attacker could entice a user or automated...

Rasterbar libtorrent: Directory traversal

Background Rasterbar libtorrent is a C++ BitTorrent implementation focusing on efficiency and scalability. Deluge is a BitTorrent client that ships a copy of libtorrent. Description census reported a directory traversal vulnerability in src/torrentinfo.cpp that can be triggered via .torrent files...

[SECURITY] Fedora 9 Update: deluge-0.5.9.3-2.fc9

Deluge is a new BitTorrent client, created using Python and GTK+. It is intended to bring a native, full-featured client to Linux GTK+ desktop environments such as GNOME and XFCE. It supports features such as DHT Distributed Hash Tables, PEX =C2=B5Torrent-compatible Peer Exchange, an d UPnP...

[SECURITY] Fedora 11 Update: rb_libtorrent-0.14.3-2.fc11

rblibtorrent is a C++ library that aims to be a good alternative to all the other BitTorrent implementations around. It is a library and not a full featured client, although it comes with a few working example clients. Its main goals are to be very efficient in terms of CPU and memory usage as we...

[SECURITY] Fedora 9 Update: rb_libtorrent-0.12.1-2.fc9

rblibtorrent is a C++ library that aims to be a good alternative to all the other BitTorrent implementations around. It is a library and not a full featured client, although it comes with a few working example clients. Its main goals are to be very efficient in terms of CPU and memory usage as we...

[SECURITY] Fedora 10 Update: deluge-1.1.9-1.fc10

Deluge is a new BitTorrent client, created using Python and GTK+. It is intended to bring a native, full-featured client to Linux GTK+ desktop environments such as GNOME and XFCE. It supports features such as DHT Distributed Hash Tables, PEX =C2=B5Torrent-compatible Peer Exchange, an d UPnP...

[SECURITY] Fedora 10 Update: rb_libtorrent-0.13.1-5.fc10

rblibtorrent is a C++ library that aims to be a good alternative to all the other BitTorrent implementations around. It is a library and not a full featured client, although it comes with a few working example clients. Its main goals are to be very efficient in terms of CPU and memory usage as we...

Ares

Ares Galaxy is an open source peer to peer file sharing application that uses its own decentralized supernode network. The latest versions also support the BitTorrent protocol. The use of Ares Galaxy may circumvent the organizational security policy. There are cases in which certain traffic,...

[waraxe-2009-SA#074] - Multiple Vulnerabilities in TorrentTrader Classic 1.09

waraxe-2009-SA074 - Multiple Vulnerabilities in TorrentTrader Classic 1.09 =============================================================================== Author: Janek Vind "waraxe" Date: 15. June 2009 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-74.html Description of vulnerable...

TorrentTrader Classic 1.09 Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ========================================================== TorrentTrader Classic 1.09 Multiple Remote Vulnerabilities ========================================================== waraxe-2009-SA074 - Multiple Vulnerabilities in TorrentTrader...

DSA-1815-1 libtorrent-rasterbar - denial of service

Bulletin has no description...

Rasterbar libtorrent arbitrary file overwrite vulnerability

'libtorrent' is an open-source C++ bittorrent library by Rasterbar Software that is used in many desktop applications and embedded devices. Popular BitTorrent clients that use this library are 'firetorrent', 'qBittorrent' and 'deluge Torrent'. For a more comprehensive list of libtorrent-based...