i think we're all going to be very busy especially if this effects ALL or even a few p2p apps....wont be long! :-(Versions: kazaa lite k++(probably all others too...)
Platforms: Windows
Bug: Sig2Dat Protocol Remote Integer Overflow and
Denial Of Service by creating files in arbitrary locations
Kazaa is currently the world’s most common P2P file sharing application.
When installing Kazaa a new protocol is installed named “sig2dat”.
This protocol contain an integer overflow vulnerability which may cause
a crash and may allow remote execution of code. There is another
vulnerability in the “File:” parameter which allows creating files in
arbitrary locations and committing Denial Of Service.
Details