FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Enhanced cTorrent -- stack-based overflow

Affected packages
ctorrent < 3.3.2_2

Details

VuXML ID 83d7d149-b965-11de-a515-0022156e8794
Discovery 2009-10-15
Entry 2009-10-28

Securityfocus reports:

cTorrent and dTorrent are prone to a remote buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

Successful exploits allow remote attackers to execute arbitrary machine code in the context of a vulnerable application. Failed exploit attempts will likely result in denial-of-service conditions.

References

Bugtraq ID 34584
CVE Name CVE-2009-1759
URL http://sourceforge.net/tracker/?func=detail&aid=2782875&group_id=202532&atid=981959