CTorrent/Enhanced CTorrent Buffer Overflow Vulnerability Network Vulnerability

Summary

The host is installed with CTorrent/Enhanced CTorrent and is prone to Buffer Overflow Vulnerability.

Impact

Attackers can exploit this issue by execute arbitrary code via specially crafted torrent files and can cause denial of service. Impact Level: System/Application

Solution

Apply the appropriate patch from the below link, http://sourceforge.net/p/dtorrent/bugs/14/ http://sourceforge.net/p/dtorrent/code/HEAD/tree

Insight

A stack based buffer overflow is due to a boundary error within the function 'btFiles::BuildFromMI()' in btfiles.cpp while processing torrent files containing a long path.

Affected

CTorrent version 1.3.4 on Linux. Enhanced CTorrent version 3.3.2 and prior on Linux.

References

http://secunia.com/advisories/34752
http://xforce.iss.net/xforce/xfdb/49959

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-1759
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

BSPlayer Stack Overflow Vulnerability SRT
ActiveFax RAW Server Multiple Buffer Overflow Vulnerabilities
Alleycode HTML Editor Buffer Overflow Vulnerabilities
Apple iTunes '.pls' Files Buffer Overflow Vulnerability
Apache mod_proxy content-length buffer overflow

Take action and discover your vulnerabilities