Vulnerability Development mailing list archives
Napster a little insecure?
From: dmiller () I-MIND COM (Dennis Miller)
Date: Thu, 27 Jan 2000 17:58:57 -0800
I'm running Napster v2.0 Build 1318 which is a freeware utility to share MP3's across the internet located at http://www.napster.com <http://www.napster.com> . Notice Napster sends the complete location of the file(s) being sent. Does this mean that there is a way to coax the client to offer up ANY file? RECEIVED (on different query) 81 00 C9 00 "c:\WINDOWS\DESKTOP\mp3s\Nirvana-Lithium.mp3" (32-byte checksum) (size in bytes) (bitrate in kbps) (freq) (duration in seconds) (username) (magic cookie - "643813570") (line speed) 92 00 C9 00 "G:\Program Files\napster\Music\NIRVANA - Smells Like Teen Spirit.mp3" (32-byte checksum) ... 00 00 CA 00 00 00 Dennis Miller dmiller () iMind com
Current thread:
- Napster a little insecure? Dennis Miller (Jan 27)
- Re: Napster a little insecure? Gunes Sen (Jan 27)
- Re: Napster a little insecure? Jordan Ritter (Jan 28)
- IIS4.0 .htw vulnerability Fricke, Gregory D. (Jan 28)
- <Possible follow-ups>
- Re: Napster a little insecure? Thiago Mello (Jan 28)
- Re: Napster a little insecure? Sebastian (Jan 29)
- Re: Napster a little insecure? technot (Jan 29)
- Re: Napster a little insecure? Thomas Maschutznig (Jan 29)
- Re: Napster a little insecure? Mark Shirley (Jan 30)
- Re: Napster a little insecure? WHiTe VaMPiRe (Jan 30)
- Re: Napster a little insecure? Jordan Ritter (Jan 30)
(Thread continues...)