Summary
The host has CTorrent/Enhanced CTorrent installed and is prone to a buffer overflow vulnerability.
Impact
Attackers can exploit this issue to execute arbitrary code via specially crafted torrent files, or to cause a denial of service.
Impact Level: System/Application
Solution
Apply the appropriate patch from the links below:
http://sourceforge.net/p/dtorrent/bugs/14/
http://sourceforge.net/p/dtorrent/code/HEAD/tree
Insight
The stack-based buffer overflow is caused by a boundary error in the function 'btFiles::BuildFromMI()' in btfiles.cpp when processing torrent files that contain a long path.
Affected
CTorrent version 1.3.4 on Linux.
Enhanced CTorrent version 3.3.2 and prior on Linux.
References
Updated on 2017-03-28
Severity
Classification
- CVE: CVE-2009-1759
- CVSS Base Score: 9.3
- CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Audition '.ses' Multiple Buffer Overflow Vulnerabilities (Windows)
- CuteFTP Heap Based Buffer Overflow Vulnerability
- Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability (Win)
- DATAC RealWin SCADA Server On_FC_CONNECT_FCS_a_FILE Buffer Overflow Vulnerability
- BaoFeng Storm ActiveX Control Buffer Overflow Vulnerability