Exploit Found in Seti@Home
Results 1 to 8 of 8

Thread: Exploit Found in Seti@Home

  1. #1
    Senior Member cwk9's Avatar
    Join Date
    Feb 2002
    Posts
    1,211

    Exploit Found in Seti@Home

    Source: http://slashdot.org/articles/03/04/0....shtml?tid=172
    The fix: http://setiathome.berkeley.edu/download.html
    The Advisorie: http://spoor12.edup.tudelft.nl/SkyLi...ries/Seti@home

    Jamie noted that an Exploit was found in Seti@Home and there is code exploiting the hole actually running about in the wild. Patches are available for those of you not interested in running a public warez server or DoS client
    Get em screen savers patched.

  2. #2
    Senior Member
    Join Date
    Mar 2003
    Posts
    117
    Seems like I cant find a fix for the cmdline version... havent they supplied a fix for it yet?
    .sig - There never was a .sig?
    I own a Schneider EuroPC with MS-Dos 3.3 and it works.

  3. #3
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Location
    Beverwijk Netherlands
    Posts
    2,534
    w00w that's bad..

    /me goes to patching..
    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

  4. #4
    Senior Member
    Join Date
    Jan 2002
    Posts
    244

    Talking Re: Exploit Found in Seti@Home

    Heh the hunt for the little green dudes is not without dangers!

    Thx for the info!
    i m gone,thx everyone for so much fun and good info.
    cheers and good bye

  5. #5
    AO Decepticon CXGJarrod's Avatar
    Join Date
    Jul 2002
    Posts
    2,038
    Originally posted here by Vigge
    Seems like I cant find a fix for the cmdline version... havent they supplied a fix for it yet?
    I dont think so. The Bugtraq article said that they had not responded yet.

    Here is the BugTraq post: (Slightly Edited)
    Confirmed information leaking:
    This issue affects all clients.

    Confirmed remote exploitable:
    setiathome-3.03.i386-pc-linux-gnu-gnulibc2.1
    setiathome-3.03.i686-pc-linux-gnu-gnulibc2.1
    setiathome-3.03.i386-pc-linux-gnulibc1-static
    setiathome-3.03.i686-pc-linux-gnulibc1-static
    setiathome-3.03.i386-winnt-cmdline.exe
    i386-unknown-freebsd2.2.8 (Special thanks to Niels Heinen)
    SETI@home.exe (v3.07 Screensaver)

    Confirmed DoS-able using buffer overflow:
    The main seti@home server at shserver2.ssl.berkeley.edu

    Presumed vulnerable to buffer overflow:
    All other clients.

    BACKGROUND INFORMATION-----------------------------------------------------

    >From "http://setiathome.berkeley.edu/" :
    "SETI@home is a scientific experiment that uses Internet-connected
    computers in the Search for Extraterrestrial Intelligence (SETI). You
    can participate by running a free program that downloads and analyzes
    radio telescope data. "
    "The SETI@home program is a special kind of screensaver. Like other
    screensavers it starts up when you leave your computer unattended, and
    it shuts down as soon as you return to work. What it does in the interim
    is unique. While you are getting coffee, or having lunch or sleeping,
    your computer will be helping the Search for Extraterrestrial
    Intelligence by analyzing data specially captured by the world's largest
    radio telescope. "
    "The client/screensaver is available for download only from this web page
    - we do not support SETI@home software obtained elsewhere. This software
    will upload and download data only from our data server here at Berkeley.
    The data server doesn't download any executable code to your computer.
    All in all, the screensaver is much safer than the browser you're running
    right now!"

    There are currently over four million registered users of seti@home. Over
    half a million of these users are "active"; they have returned at least one
    result within the last four weeks.

    THE VULNERABILITIES--------------------------------------------------------

    The seti@home clients use the HTTP protocol to download new workunits, user
    information and to register new users. The implementation leaves two
    security vulnerabilities:

    1) All information is send in plaintext across the network. This
    information includes the processor type and the operating system of the
    machine seti@home is running on.

    2) There is a bufferoverflow in the server responds handler. Sending an
    overly large string followed by a newline ('\n') character to the client
    will trigger this overflow. This has been tested with various versions of
    the client. All versions are presumed to have this flaw in some form.

    3) A similar buffer overflow seems to affect the main seti@home server at
    shserver2.ssl.berkeley.edu. It closes the connection after receiving a
    too large string of bytes followed by a '\n'.


    TIMELINE-------------------------------------------------------------------

    2002/12/05 Information leakage discovered.
    2002/12/14 Bufferoverflow in client discovered.
    2002/12/31 Seti@home team contacted through their website
    http://setiathome.berkeley.edu/help.html.
    2003/01/07 Seti@home team contacted again.
    2003/01/14 Bufferoverflow in server discovered.
    2003/01/21 Seti@home team contacted again, this time through email.
    2003/01/21 Seti@home team confirmed the problem.
    2003/01/25 Seti@home team promissed fixed version are being build.
    2003/02/03 Seti@home team informed me about problems with the fixes for the
    win32 version.
    N00b> STFU i r teh 1337 (english: You must be mistaken, good sir or madam. I believe myself to be quite a good player. On an unrelated matter, I also apparently enjoy math.)

  6. #6
    AO Decepticon CXGJarrod's Avatar
    Join Date
    Jul 2002
    Posts
    2,038
    Also, the Seti Researchers acknowledge the bug: http://setiathome.berkeley.edu/version308.html

    but no update for the cmdline for Winnt...

    JArrod
    N00b> STFU i r teh 1337 (english: You must be mistaken, good sir or madam. I believe myself to be quite a good player. On an unrelated matter, I also apparently enjoy math.)

  7. #7
    AO Decepticon CXGJarrod's Avatar
    Join Date
    Jul 2002
    Posts
    2,038
    And also an updated command line version....

    http://setiathome.ssl.berkeley.edu/download.html
    N00b> STFU i r teh 1337 (english: You must be mistaken, good sir or madam. I believe myself to be quite a good player. On an unrelated matter, I also apparently enjoy math.)

  8. #8
    I had this problem thanks for the link and the starter of this thread for their notice. I don't visit SETI@Home's site very often so i wouldn't have seen this bug. Thanks.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •