'Serious' Vulnerability In KaZaA - Users Urged to Install Patch

[JackSpratts]

Patrick Gray

Users of file sharing programs such as Kazza and iMesh are urged to install a security patch following a discovery of a serious bug in their underlying network.

A security researcher recently found a potentially critical vulnerability in the program which drives the FastTrack network. Fastrack is used by peer-to-peer(p2p) software including Kazaa and iMesh. Joltid, the maker of Fastrack, initially said the flaw was not serious, but has since done an about-face and plans to plug the loophole.

The makers of Kazaa will release a patch within the next 24 hours and is urging customers to install it "as soon as possible".

According to the original security advisory, published on the Full Disclosure security mailing list, attackers can take control of or crash the FastTrack "supernodes" that p2p users connect to.

"It's definitely a serious risk. Just ask anyone if executing arbitrary code is a serious risk or not," the researcher told ZDNet Australia.
http://asia.cnet.com/newstech/securi...9133858,00.htm

[goldie]

ARRRRRRRRRRRRGGGGGGGGGGGHHHHHHHHHHH!

[multi]

im glad the riaa hackers didnt find it...

[JackSpratts]

i'd stay off the network for the next 24/48 hours if i ran a supernode.

- js.

The PACKET 0' DEATH FastTrack Network Vulnerability
random nut

Vulnerability Overview

There exists a vulnerability in the FastTrack network core that can be used by an attacker to take control of all FastTrack network supernodes. The attacker can either crash all supernodes or insert arbitrary code in each supernode's address space. Crashing all supernodes means that no-one can search for files on the FT network or connect to the FT network.

To protect the FT network from people who want to reverse engineer the protocol, the owners of the FT network added encryption to all supernode packets. The encryption seems to be made by the FT network creators. Nothing else is encrypted, such as files transferred to other users.

Vulnerability Information

Packet 0 (possibly called "KAZAA_CONNECTION_INFO", but from here on called "Packet 0' death", note the zero) is used to send up to 200 supernode IPs to clients and supernodes. The supernodes' packet 0' death handler (possibly class "supernode_connection_t") is different from the other packet 0' death handlers, and it also contains the buffer overflow bug. The supernode packet 0' death handler assumes only 200 supernode entries can be received, but if you send more you can overwrite the return address and more of the stack.

More http://lists.netsys.com/pipermail/fu...ay/009860.html

[napho]

Kazaa seems to have a little update today http://fileforum.betanews.com/detail.php3?fid=971761196

[TankGirl]

Quote:

Originally posted by JackSpratts
i'd stay off the network for the next 24/48 hours if i ran a supernode.

That's a sound advice. Vulnerable FastTrack is a juicy target for hackers.

Supernode or not, I would advise to stay off FastTrack until a patch has been made available and you hear that it works. Note that it will take some time for FastTrack's multimillion peer user base to patch their clients, so there will be a period of only-partial security - your patched client may still encounter supernodes that are owned by a malicious party.

- tg

[mrtoca]

I'd find a quiet time to download the update if I were you. I'm in the middle of it and it went down to 0.5 KB/sec for a while, although its running at 7.0 KB/sec now. Not too fast for a broadband connection...

I guess with over 230 million of us wanting to download it things might get a little clogged up.

[JackSpratts]

hi mrtoca and welcome to napsterites' p2p-zone!

- js.

[Dawn]

Gee, I get to stay off everything for the next god knows how long.

Thanks for the heads up anyway Mr. Spratts.

Oops, almost forgot to welcome mrtoca. Hope you like this place