Summary
CTorrent/Enhanced CTorrent is installed on the host and is prone to a buffer overflow vulnerability.
Impact
Attackers can exploit this issue to execute arbitrary code via specially crafted torrent files and can cause a denial of service.
Impact Level: System/Application
Solution
Apply the appropriate patch from the links below:
http://sourceforge.net/p/dtorrent/bugs/14/
http://sourceforge.net/p/dtorrent/code/HEAD/tree
Insight
The flaw is a stack-based buffer overflow caused by a boundary error in the function 'btFiles::BuildFromMI()' in btfiles.cpp, triggered while processing torrent files that contain a long path.
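A pre-screening check for the condition described above, as an added example that is not part of the advisory or of the CTorrent code base: it decodes a torrent's bencoded metainfo and reports every file entry whose joined path (name plus path components) reaches a length limit. The function names, the sample inputs and the 4096-byte limit (Linux PATH_MAX) are assumptions; the advisory does not state the size of the affected buffer.

```python
MAX_PATH = 4096  # assumed limit (Linux PATH_MAX); the advisory gives no size

def bdecode(data, i=0, depth=0):
    """Decode one bencoded value at offset i; return (value, next_offset)."""
    if depth > 32:
        raise ValueError("nesting too deep")
    c = data[i:i + 1]
    if c == b"i":
        end = data.index(b"e", i)
        return int(data[i + 1:end]), end + 1
    if c in (b"l", b"d"):
        items, i = [], i + 1
        while data[i:i + 1] != b"e":
            if i >= len(data):
                raise ValueError("unterminated list or dictionary")
            item, i = bdecode(data, i, depth + 1)
            items.append(item)
        if c == b"l":
            return items, i + 1
        keys = items[0::2]
        if len(items) % 2 or not all(isinstance(k, bytes) for k in keys):
            raise ValueError("malformed dictionary")
        return dict(zip(keys, items[1::2])), i + 1
    if c.isdigit():
        colon = data.index(b":", i)
        n = int(data[i:colon])
        if colon + 1 + n > len(data):
            raise ValueError("truncated string")
        return data[colon + 1:colon + 1 + n], colon + 1 + n
    raise ValueError("bad bencode at offset %d" % i)

def long_paths(torrent, limit=MAX_PATH):
    """Return [(joined_path, length)] for entries with length >= limit."""
    meta, _ = bdecode(torrent)
    info = meta.get(b"info") if isinstance(meta, dict) else None
    if not isinstance(info, dict):
        raise ValueError("no info dictionary")
    files = info.get(b"files", [{b"path": []}])  # single-file torrent: name only
    flagged = []
    for f in files if isinstance(files, list) else []:
        path = f.get(b"path", []) if isinstance(f, dict) else None
        parts = [info.get(b"name", b"")] + (path if isinstance(path, list) else [None])
        if not all(isinstance(p, bytes) for p in parts):
            raise ValueError("non-string path component")
        full = b"/".join(parts)
        if len(full) >= limit:
            flagged.append((full, len(full)))
    return flagged

# Constructed sample inputs (not real torrents)
SAMPLE_OK = b"d4:infod5:filesld6:lengthi1e4:pathl3:dir5:a.txteee4:name3:topee"
SAMPLE_LONG = SAMPLE_OK.replace(b"3:dir", b"5000:" + b"A" * 5000)
```

Malformed or truncated metainfo raises ValueError, which a screening job should treat as a reason to reject the file rather than pass it to the client.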
Affected
CTorrent version 1.3.4 on Linux.
Enhanced CTorrent version 3.3.2 and prior on Linux.
References
Updated on 2017-03-28
Severity
Classification
- CVE: CVE-2009-1759
- CVSS Base Score: 9.3
- CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- CA Internet Security Suite Plus 'KmxSbx.sys' Buffer Overflow Vulnerability
- Cyrus SASL Remote Buffer Overflow Vulnerability
- CA eTrust PestPatrol Anti-Spyware 'ppctl.dll' ActiveX Control BOF Vulnerability
- Adobe Reader Buffer Overflow Vulnerability Sep09 (Win)
- BS.Player '.bsl' File Buffer Overflow Vulnerabilities