Technical Description

Two vulnerabilities have been identified in KTorrent, which could be exploited by attackers to cause a denial of service or potentially execute arbitrary commands.

The first issue is due to an input validation error when processing paths of filenames, which could be exploited to overwrite arbitrary files via directory traversal attacks by tricking a user into opening a malicious torrent.

The second vulnerability is due to an error when handling messages with malformed chunk indexes, which could be exploited by attackers to crash an affected application or potentially compromise a vulnerable system.

Affected Products

KTorrent versions 2.x

Solution

Upgrade to KTorrent version 2.1.3 :
http://ktorrent.org/index.php?page=downloads

References

http://www.vupen.com/english/advisories/2007/0913
http://ktorrent.org/forum/viewtopic.php?t=1401
http://bugs.kde.org/show_bug.cgi?id=143637

Credits

Vulnerabilities reported by Bryan Burns (Juniper Networks)

ChangeLog

2007-03-13 : Initial release
2007-04-05 : Updated Solution

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.