04-02-02, 07:03 AM
|
#16
|
|
Just another cat on the FastTrack...
Join Date: Jan 2002
Location: Hamilton
Posts: 727
|
Re: Morpheus Users - Sharing More Than They Think?
Quote:
Originally posted by JackSpratts
Ever since MusicCity (now Streamcast) tanked their old opennap client and replaced it w/Morpheus, rumors have floated around concerning a security flaw having to do with IP numbers and hard drive access. A lot of us spent considerable time and energy shooting it down, pointing out that it's really nothing more than a typical P2P in normal operation.
Well, things may have changed recently, as this news report suggests. On the other hand, maybe not. So far the lack of detailed information makes it too early to tell.
- js.
|
Does anyone know if this guy is for real?  Quoted from ZeroPaid.
Quote:
PAUL SARSFIELD - MUSICCITY TECHNICAL SUPPORT | February 3, 2002 @ 2:37 am | ;
.... | Mozilla/4.0 (compatible; MSIE 5.01; Windows 98)
Yes. We have confirmed the reports that Morpheus does indeed contain the security hole. Our programmers are working diligently on a fix and we hope to have it ready within the week. We have found that the exploit does in fact allow a malicious user to gain access to the root level of the Morpheus user's C: drive and therefore gain write access to private files on the user's entire system, not just the shared folder.
We have determined that the reason why only some systems are affected, is that the flaw does not seem to work on Windows XP systems. We believe this is due to the fact that XP uses the NTFS file system and has security settings in effect. Windows98, 95, and WinME systems are vulnerable.
(Note: Although it will sometimes run, Morpheus is not recommended for Windows XP due to additional problems with compatibility. WIndows XP compatibility is expected in our future 2.0 release this spring.)
The Kazaa program, and Grokster which share the same code, are also affected. We apologize for any inconvenience this has caused you and we assure you we are working as fast as we can to arrive at a solution. We will post the security fix on the Grokster site where we have posted another security tool, at the following url: (Link)
We hope to provide you with the best filesharing program out there and we assure you that we will have the issue taken care of shortly.
Thank you,
-Paul Sarsfield,
Tech Support
MusicCity Morpheus
"Gamer" MusicCity Op
Email: gamer@gamerspage.com
|
P.S. I do know you can find him on MusicCity Chat in the Help Room. What really is confusing is his post on his Website - Gamerspage.com Learn what you are talking about |
|
|