Fedora 7 : deluge-0.5.8.3-1.fc7 (2008-1288)

Version 0.5.8.3 of the Deluge BitTorrent client contains a security fix for a remote exploit which could cause Deluge to crash. It also fixes some high CPU usage spikes, loading issues with the BlocklistImport plugin, and lock-ups when the tracker returns data that is not properly UTF8-encoded...

Fedora 8 : deluge-0.5.8.3-1.fc8 (2008-1287)

Version 0.5.8.3 of the Deluge BitTorrent client contains a security fix for a remote exploit which could cause Deluge to crash. It also fixes some high CPU usage spikes, loading issues with the BlocklistImport plugin, and lock-ups when the tracker returns data that is not properly UTF8-encoded...

[SECURITY] Fedora 7 Update: deluge-0.5.8.3-1.fc7

Deluge is a new BitTorrent client, created using Python and GTK+. It is intended to bring a native, full-featured client to Linux GTK+ desktop environments such as GNOME and XFCE. It supports features such as DHT Distributed Hash Tables, PEX =C2=B5Torrent-compatible Peer Exchange, an d UPnP...

[SECURITY] Fedora 8 Update: deluge-0.5.8.3-1.fc8

Deluge is a new BitTorrent client, created using Python and GTK+. It is intended to bring a native, full-featured client to Linux GTK+ desktop environments such as GNOME and XFCE. It supports features such as DHT Distributed Hash Tables, PEX =C2=B5Torrent-compatible Peer Exchange, an d UPnP...

[SECURITY] Fedora 8 Update: rb_libtorrent-0.12-3.fc8

rblibtorrent is a C++ library that aims to be a good alternative to all the other BitTorrent implementations around. It is a library and not a full featured client, although it comes with a few working example clients. Its main goals are to be very efficient in terms of CPU and memory usage as we...

[SECURITY] Fedora 8 Update: rb_libtorrent-0.12-3.fc8

rblibtorrent is a C++ library that aims to be a good alternative to all the other BitTorrent implementations around. It is a library and not a full featured client, although it comes with a few working example clients. Its main goals are to be very efficient in terms of CPU and memory usage as we...

BitTorrent和uTorrent Peers窗口缓冲区溢出漏洞

BUGTRAQ ID: 27321 CVECAN ID: CVE-2008-0364 BitTorrent和uTorrent都是流行的bittorrent协议客户端，使用了相同的代码库。 BitTorrent和uTorrent的实现上存在缓冲区溢出漏洞，远程攻击者可能利用此漏洞控制用户客户端。 BitTorrent和uTorrent客户端都在General部分中启用了Detailed...

Buffer overflow

Buffer overflow in 1 BitTorrent 6.0 and earlier; and 2 uTorrent 1.7.5 and earlier, and 1.8-alpha-7834 and earlier in the 1.8.x series; on Windows allows remote attackers to cause a denial of service application crash via a long Unicode string representing a client version identifier...

CVE-2008-0364

Buffer overflow in 1 BitTorrent 6.0 and earlier; and 2 uTorrent 1.7.5 and earlier, and 1.8-alpha-7834 and earlier in the 1.8.x series; on Windows allows remote attackers to cause a denial of service application crash via a long Unicode string representing a client version identifier...

CVE-2008-0364

CVE-2008-0364 : A buffer overflow in the BitTorrent/uTorrent GUI can occur when copying the Unicode client-version string into a fixed buffer, triggered by a long version identifier. Affected: BitTorrent 6.0.x and earlier; uTorrent 1.7.5 and earlier, and 1.8-alpha-7834 and earlier. Impact: remote...

CVE-2008-0364

Buffer overflow in 1 BitTorrent 6.0 and earlier; and 2 uTorrent 1.7.5 and earlier, and 1.8-alpha-7834 and earlier in the 1.8.x series; on Windows allows remote attackers to cause a denial of service application crash via a long Unicode string representing a client version identifier...

Peers static overflow in BitTorrent 6.0 and uTorrent 1.7.5

Luigi Auriemma Applications: BitTorrent and uTorrent http://www.bittorrent.com http://www.utorrent.com Versions: BitTorrent = 6.0 build 5535 uTorrent = 1.7.5 build 4602 uTorrent = 1.8-alpha-7834 Platforms: Windows confirmed Mac and Linux both available only on BitTorrent have not been tested Bug:...

BitTorrent / uTorrent buffer overflow

Buffer overflow on peer information displaying...

BitTorrent 6.0 uTorrent 1.61.7 - Peers Window Remote Code Execution

BitTorrent 6.0 uTorrent 1.61.7 - Peers Window Remote Code Execution source: https://www.securityfocus.com/bid/27321/info BitTorrent and uTorrent are prone to a remote code-execution vulnerability because the applications fail to perform adequate boundary checks on user-supplied data. Attackers ca...

BitTorrent 6.0 / uTorrent 1.6/1.7 - Peers Window Remote Code Execution

source: https://www.securityfocus.com/bid/27321/info BitTorrent and uTorrent are prone to a remote code-execution vulnerability because the applications fail to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code in the context of the...

SQL injection bug found in TBSource.

A vulnerability found in the popular bittorrent tracker TBSource code allows an attacker to inject SQL queries and read secret information from the database. The value of 'choice' passed to the script index.php is not properly sanitized. When a special tailored value is passed by an attacker, ful...

DSA-1373-2 ktorrent - directory traversal

Bulletin has no description...

Debian DSA-1373-2 : ktorrent - directory traversal

It was discovered that ktorrent, a BitTorrent client for KDE, was vulnerable to a directory traversal bug which potentially allowed remote users to overwrite arbitrary files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

GLSA-200708-17 : Opera: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200708-17 Opera: Multiple vulnerabilities An error known as 'a virtual function call on an invalid pointer' has been discovered in the JavaScript engine CVE-2007-4367. Furthermore, iDefense Labs reported that an already-freed...

Opera: Multiple vulnerabilities

Background Opera is a multi-platform web browser. Description An error known as "a virtual function call on an invalid pointer" has been discovered in the JavaScript engine CVE-2007-4367. Furthermore, iDefense Labs reported that an already-freed pointer may be still used under unspecified...