Slackware 11.0: SSA:2007-093-02 Critical: KTorrent Remote Exploit

slackware

April 3, 2007

New ktorrent packages are available for Slackware 11.0 and -current to fix security issues

Summary

Here are the details from the Slackware 11.0 ChangeLog: patches/packages/ktorrent-2.1.3-i486-1_slack11.0.tgz: Upgraded to ktorrent-2.1.3. A directory traversal vulnerability in torrent.cpp in versions < 2.1.2 may allow remote attackers to overwrite the ktorrent user's files. A bug in chunkcounter.cpp in versions < 2.1.2 allows remote attackers to crash ktorrent and cause heap corruption by the use of an invalid idx value. For more information, see: https://www.cve.org/CVERecord?id=CVE-2007-1384 https://www.cve.org/CVERecord?id=CVE-2007-1385 (* Security fix *)

Topics Covered

security advisory remote exploit directory traversal critical fix Slackware ktorrent

Where Find New Packages

HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 11.0:
Updated package for Slackware -current:

MD5 Signatures

Slackware 11.0 package: 1917c267334e4b90ab04c58b1f2ff338 ktorrent-2.1.3-i486-1_slack11.0.tgz
Slackware -current package: 64c4d3bf516aebe96b6591ab75c2aeb9 ktorrent-2.1.3-i486-1.tgz

Severity

critical

Lowest

Low

Medium

High

Critical

Topics Covered

security advisory remote exploit directory traversal critical fix Slackware ktorrent

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg ktorrent-2.1.3-i486-1_slack11.0.tgz

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Slackware 11.0: SSA:2007-093-02 Critical: KTorrent Remote Exploit

Summary

Topics Covered

Where Find New Packages

MD5 Signatures

Topics Covered

Get the latest News and Insights

Installation Instructions

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Slackware 11.0: SSA:2007-093-02 Critical: KTorrent Remote Exploit

Summary

Topics Covered

Where Find New Packages

MD5 Signatures

Topics Covered

Get the latest News and Insights

Installation Instructions

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!