Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 21 May 2009 20:22:21 -0400 (EDT)
From: "Steven M. Christey" <>
Subject: Re: CVE request: ctorrent

Name: CVE-2009-1759
Status: Candidate
Reference: MILW0RM:8470
Reference: URL:
Reference: MLIST:[oss-security] 20090520 CVE request: ctorrent
Reference: URL:
Reference: CONFIRM:
Reference: CONFIRM:
Reference: CONFIRM:
Reference: BID:34584
Reference: URL:
Reference: SECUNIA:34752
Reference: URL:
Reference: VUPEN:ADV-2009-1092
Reference: URL:
Reference: XF:ctorrent-btfiles-bo(49959)
Reference: URL:

Stack-based buffer overflow in the btFiles::BuildFromMI function
(trunk/btfiles.cpp) in Enhanced CTorrent (aka dTorrent) 3.3.2 and
probably earlier, and CTorrent 1.3.4, allows remote attackers to cause
a denial of service (crash) and possibly execute arbitrary code via a
Torrent file containing a long path.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.