TUCoPS :: Windows Apps :: win5962.htm

Kazaa crash with downloading of ad banners
3rd Feb 2003 [SBWID-5962]
COMMAND

	Kazaa crash with downloading of ad banners

SYSTEMS AFFECTED

	Kazaa Media Desktop v2, Tested on Kazaa Media Desktop 2.0.2

PROBLEM

	Marc Ruef [marc.ruef@computec.ch] reports :
	
	--snip--
	
	If you can inject a malicous response for the automated ad  download  of
	the client, you can cause a bufferoverflow and the  denial  of  service.
	It may be possible to run arbitary code with this vulnerability.
	
	The easiest way to reproduce this behavior is deny all http  connections
	to hosts named *ad*. For example activate the "Block Sites"  feature  of
	the NetGear FM114P and block the keyword "ad". After this change,  every
	time you start the vulnerable Kazaa client, the  software  crashes  with
	the typical windows error message during connection establishment.
	
	--snap--

SOLUTION

	?

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH