Well guys im back with another grim report on WHY its important to update your client. Some of my other security reports was about older older exploits so i thought it was high time to show off some new stuff thats effecting the net.
Type of attack: Remote
Information:This attack sends a faulty command that results in a crash
How we solved it: Applied the update of Openssl
"Record of death" vulnerability
Type of attack: Local/Remote
Information: This attack can crash DC++ and mods during transfer or when opening local filelist
How we solved it: Well we did it so the client generates a new filelist on the spot everytime someone grabs a filelist that way it cant be repleaced by a malicous filelist.
DC++ 0.75 and older vulnerable to bzip2 filelist bomb
And for the interesting part every operator that uses old clients that arent updated like CrzDC++ Zion++ etc etc. You guys know what im talking about YES YOU ARE EXPLOITABLE..
As for the standard complaint that i dont want a strong based client well consider this Zion++ > 2.03 is strong with minor modifcations on top of it.
CrzDC++ doubt it hasnt gotten StrongDC++ since it uses CMD so i doubt that operators will know the diffrence if they apply thier icon theme to the client if they are heavely into operator feature i recommend RSX++.
And as for all the new stuff that we are doing well if you wanna use em you have to update like Nattrav (Passive-Passive) connections. So make sure your client bases of a fresh core....
Security Advisory for all clients
-
- Member
- Posts: 53
- Joined: 15 Sep 2008, 21:48
- Location: adcs://adcs.uhub.org:1511
- Contact:
Re: Security Advisory for all clients
If this description is accurate, then this isn't a fix for the problem!Type of attack: Local/Remote
Information: This attack can crash DC++ and mods during transfer or when opening local filelist
How we solved it: Well we did it so the client generates a new filelist on the spot everytime someone grabs a filelist that way it cant be repleaced by a malicous filelist.
DC++ 0.75 and older vulnerable to bzip2 filelist bomb
Re: Security Advisory for all clients
kinda forgot in all haste since im working now that it also discards invalid xml and we have size checks for the filelists so a bzip bomb becomes useless so yeah its fixed.
just forgot to add it but thx for noticing my mistake in the article kinda wrote it on the fly
just forgot to add it but thx for noticing my mistake in the article kinda wrote it on the fly