Vulnerabilities > CVE-2006-0339 - Remote Buffer Overflow vulnerability in Bitcomet 0.60
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in BitComet Client 0.60 allows remote attackers to execute arbitrary code, when the publisher's name link is clicked, via a long publisher URI in a torrent file.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family | Peer-To-Peer File Sharing |
NASL id | BITCOMET_061.NASL |
description | The version of BitComet installed on the remote Windows host has a buffer overflow flaw that could be triggered using a .torrent with a specially crafted publisher |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 20749 |
published | 2006-01-20 |
reporter | This script is Copyright (C) 2006-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/20749 |
title | BitComet Client .torrent URI Handling Overflow |
code |
|
References
- http://archives.neohapsis.com/archives/bugtraq/2006-01/0442.html
- http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0669.html
- http://secunia.com/advisories/18522
- http://securityreason.com/securityalert/357
- http://www.bitcomet.com/doc/changelog.htm
- http://www.fortinet.com/FortiGuardCenter/FSA-2006-07.html
- http://www.osvdb.org/22625
- http://www.securityfocus.com/archive/1/422361/100/0/threaded
- http://www.securityfocus.com/bid/16311
- http://www.vupen.com/english/advisories/2006/0251
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24229