Full Disclosure mailing list archives
Re: Shareaza Remote Vulnerability
From: Ryan Smith <whatstheaddress () gmail com>
Date: Thu, 26 Jan 2006 23:07:21 -0600
Thanks Todd, the correct link is http://www.hustlelabs.com/shareaza_advisory.pdf :> Ad, I believe what you mean is that I completed 20% of a job, and the job was correct. I am sorry you feel my work was incomplete; do you still feel like you recieved a deliverable that matches the dollar amount you spent on the research? On 1/26/06, ad () heapoverflow com <ad () heapoverflow com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 where is your proof then that the remote execution is possible, the shareaza maker wont probably care until you add a proof on what do you claim as exploitable.. You just made like 20% of a correct job ... Ryan Smith wrote:There is a vulnerability in the current version of Shareaza, a P2P file sharing product. It results in remote code execution. Please see the advisory for more details. There is no patch. Credit: These vulnerabilities were discovered and researched by Ryan Smith. Contact: WhatsTheAddress () gmail com <mailto:WhatsTheAddress () gmail com> Details: http://www.hustlelabs.com/ <http://www.security.nnov.ru/?gohttp://www.rem0te.com/public/images/clamav.pdf---------------------------------------------------------------------- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) iQIVAwUBQ9lO0q+LRXunxpxfAQJmXRAAkpwY9Xgwt9NwEv6JeG/gTqkSSoHwAvQo e/97GNP+Vz1q8Gv0IxWk4HfmxUmY+oeI76pTwka/yb3p2hbpvVV5i0Ab5pYLt5OL M3z8S8P4EGbHTn1JNsRxmO65ZRS0W/2QkYY3tLfcPXUeBekgtFhfpuSe3kPgsvEW zGTNrHBngUZpp/AxsodWWNBRPKt8TAfk24mlLC9r/0WTn1jWv8IjBKEmsCi9trzD XaIIZMKF9hdmjQYpXYvakwBjm0pHV3bl0IK0oh+iURC2CCWFF7LJTgulGX+QA0PX truBCvCdKvlGsZePaugywYl/jR5GT5SS0HNa8ZxjgIoMzZn13UcMKdksFMI6aqqI uAwQzI9dh2Hyy35l4VtPvbnqHc2gBkcLQKOh2BCB5KJ/Q45HhoF8YZYTp55W2kBN iGQ8jnCPP59006MRt3JqZjWD3iQd5kYwALkHKi96KszbXratq/Q+8Lbp/7N1YVvT jqN6B+w0zgMtDyE9ZcT0/vpOD49ILKtN8Et5pjOtqGU0BHvTAVLyDSacwmYHyuXX 0dRQl4BT6gITNpmCEvzd86jsTvAe3OwclcsOlZPnWNw4nywE/jEWNlW6/21E9t0y JfXcrfADTvErX7tmteZMIAdi2BSuC8+kfMwVEqzRGNo/wGgVKH0qD4cFQXdvuRls kAI1sXRWbQ0= =4/ii -----END PGP SIGNATURE-----
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Shareaza Remote Vulnerability Ryan Smith (Jan 26)
- Re: Shareaza Remote Vulnerability ad () heapoverflow com (Jan 26)
- Re: Shareaza Remote Vulnerability Ryan Smith (Jan 27)
- Re: Shareaza Remote Vulnerability ad () heapoverflow com (Jan 27)
- Re: Shareaza Remote Vulnerability Ryan Smith (Jan 27)
- <Possible follow-ups>
- RE: Shareaza Remote Vulnerability Todd Towles (Jan 26)
- RE: Shareaza Remote Vulnerability Todd Towles (Jan 26)
- Re: Shareaza Remote Vulnerability ad () heapoverflow com (Jan 26)