27-05-03, 01:59 PM   #4
JackSpratts

I'd stay off the network for the next 24/48 hours if I ran a supernode.

- js.

The PACKET 0' DEATH FastTrack Network Vulnerability
random nut

Vulnerability Overview

There exists a vulnerability in the FastTrack network core that can be used by an attacker to take control of all FastTrack network supernodes. The attacker can either crash all supernodes or insert arbitrary code in each supernode's address space. Crashing all supernodes means that no-one can search for files on the FT network or connect to the FT network.

To protect the FT network from people who want to reverse engineer the protocol, the owners of the FT network added encryption to all supernode packets. The encryption seems to be made by the FT network creators. Nothing else is encrypted, such as files transferred to other users.

Vulnerability Information

Packet 0 (possibly called "KAZAA_CONNECTION_INFO", but from here on called "Packet 0' death", note the zero) is used to send up to 200 supernode IPs to clients and supernodes. The supernodes' packet 0' death handler (possibly class "supernode_connection_t") is different from the other packet 0' death handlers, and it also contains the buffer overflow bug. The supernode packet 0' death handler assumes only 200 supernode entries can be received, but if you send more you can overwrite the return address and more of the stack.

More http://lists.netsys.com/pipermail/fu...ay/009860.html
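Added example (not code from the advisory, the FastTrack client, or this poster): a hardened handler for a packet-0-style supernode list that checks the advertised entry count against both the fixed 200-entry capacity and the bytes actually received before copying, the check whose absence the advisory describes. The wire layout (2-byte count, then 6-byte entries) and the sample packet builder are assumptions for illustration only; the real format is not given above.

```c
#include <stdint.h>
#include <stddef.h>
/* Assumed wire layout (not from the advisory): 2-byte big-endian entry
 * count, then that many {4-byte IPv4, 2-byte port} entries. */
#define MAX_SUPERNODES 200
#define ENTRY_LEN 6
#define HDR_LEN 2
typedef struct { uint32_t ip; uint16_t port; } sn_entry_t;

/* Hardened handler: checks the advertised count against the fixed capacity of
 * 'out' and against the bytes actually received. Returns entries parsed, or -1. */
int parse_supernode_list(const uint8_t *pkt, size_t len, sn_entry_t out[MAX_SUPERNODES])
{
    if (len < HDR_LEN) return -1;
    size_t count = ((size_t)pkt[0] << 8) | pkt[1];
    if (count > MAX_SUPERNODES) return -1;              /* would overrun 'out' if trusted */
    if ((len - HDR_LEN) / ENTRY_LEN < count) return -1; /* body shorter than claimed */
    for (size_t i = 0; i < count; i++) {
        const uint8_t *e = pkt + HDR_LEN + i * ENTRY_LEN;
        out[i].ip = ((uint32_t)e[0] << 24) | ((uint32_t)e[1] << 16) |
                    ((uint32_t)e[2] << 8) | e[3];
        out[i].port = (uint16_t)((e[4] << 8) | e[5]);
    }
    return (int)count;
}

/* Builds a constructed sample packet with 'count' entries (10.0.0.1, 10.0.0.2, ... port 1214). */
size_t build_sample_packet(uint8_t *buf, size_t cap, size_t count)
{
    if (count > 0xFFFF || HDR_LEN + count * ENTRY_LEN > cap) return 0;
    buf[0] = (uint8_t)(count >> 8); buf[1] = (uint8_t)count;
    for (size_t i = 0; i < count; i++) {
        uint8_t *e = buf + HDR_LEN + i * ENTRY_LEN;
        uint32_t ip = 0x0A000001u + (uint32_t)i;
        e[0] = (uint8_t)(ip >> 24); e[1] = (uint8_t)(ip >> 16);
        e[2] = (uint8_t)(ip >> 8);  e[3] = (uint8_t)ip;
        e[4] = (uint8_t)(1214 >> 8); e[5] = (uint8_t)(1214 & 0xFF);
    }
    return HDR_LEN + count * ENTRY_LEN;
}

/* Runs a sample packet advertising 'count' entries through the handler. */
int handle_sample(size_t count)
{
    static uint8_t pkt[HDR_LEN + 300 * ENTRY_LEN];   /* room for an oversized sample */
    sn_entry_t list[MAX_SUPERNODES];                  /* fixed-size stack buffer */
    size_t len = build_sample_packet(pkt, sizeof pkt, count);
    return len ? parse_supernode_list(pkt, len, list) : -1;
}
```

A 200-entry sample parses in full, a 201-entry sample is rejected before any copy into the stack buffer, and a packet whose body is shorter than its count claims is rejected as well.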