Spyware, Viruses, & Security forum

General discussion

Security Advisory - September 4, 2004

Grokster and Kazaa Altnet Download Manager Buffer Overflow Vulnerability

Secunia Advisory: SA12456
Release Date: 2004-09-03

Critical: Highly critical
Impact: System access

Where: From remote

Solution Status: Unpatched

Software: Grokster 2.x

Description:
CelebrityHacker has reported a vulnerability in the Altnet Download Manager included in Grokster, which can be exploited by malicious people to compromise a user's system.

For more information:
SA12446

The vulnerability has been confirmed in Altnet Download Manager 4.0.0.2 included in Grokster 2.6. Other versions may also be affected.

Solution:
Remove the Altnet Download Manager ("adm.exe") or uninstall Grokster.

http://secunia.com/advisories/12456/

***

Secunia Advisory: SA12455
Release Date: 2004-09-03

Critical: Highly critical
Impact: System access

Where: From remote

Solution Status: Unpatched

Software: Kazaa 2.x

Description:
CelebrityHacker has reported a vulnerability in the Altnet Download Manager included in Kazaa, which can be exploited by malicious people to compromise a user's system.

For more information:
SA12446

The vulnerability has been confirmed in Altnet Download Manager 4.0.0.4 included in Kazaa 2.7.1. Other versions may also be affected.

Solution:
Remove the Altnet Download Manager ("adm.exe") or uninstall Kazaa.

http://secunia.com/advisories/12455/

Discussion is locked
You are posting a reply to: Security Advisory - September 4, 2004
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Security Advisory - September 4, 2004
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Kerio Personal Firewall Application Security

In reply to: Security Advisory - September 4, 2004

Can Be Disabled By Certain Local Users

SecurityTracker URL: http://securitytracker.com/id?1011152

Date: Sep 3 2004
Impact: Modification of system information
Exploit Included: Yes
Version(s): 4.0.16

Description: A vulnerability was reported in the Kerio Personal Firewall. The application launch protection feature can be disabled by local users with administrator privileges.

Tan Chew Keong of SIG^2 Vulnerability Research reported that a local application can make direct writes to \device\physicalmemory to restore the kernel's SDT ServiceTable to disable the application security features.

Only the application execution protection feature is affected (the firewall functions are not affected).

Administrator privileges are required to exploit this vulnerability.

The vulnerability was discovered on June 26, 2004 and the vendor was notified on June 27, 2004.

[Editor's note: A user with administrator privileges can, of course, disable the application without having to exploit this flaw.]

Impact: A local user with administrator privileges can disable the application protection features.

Solution: No solution was available at the time of this entry.
Vendor URL: www.kerio.com/kpf_home.html
Cause: Access control error
Underlying OS: Windows (Any)
Underlying OS Comments: Tested on Windows 2000 SP4 and Windows XP SP1 and SP2

Collapse -
Opera Web Browser Empty Embedded Object JavaScript

In reply to: Security Advisory - September 4, 2004

Denial Of Service Vulnerability

Opera is a web browser available for a number of platforms, including Microsoft Windows, Linux and Unix variants and Apple MacOS.

Opera Web Browser is reported to be susceptible to a JavaScript denial of service vulnerability. This vulnerability presents itself when Opera attempts to execute a specific JavaScript command. Upon executing this command, Opera will reportedly crash.

This vulnerability was reported to exist in version 7.23 of Opera for Microsoft Windows. Other versions are also likely affected. Version 7.54 does not seem to be susceptible.

Workaround:
As version 7.54 does not seem to be affected by this vulnerability, it is suggested that users of affected packages upgrade to this version until a vendor confirmed fix is available.

http://www.securityfocus.com/bid/11090/discussion/

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

GRAMMYS 2019

Here's Everything to Know About the 2019 Grammys

Find out how to watch the Grammy Awards if you don't have cable and more.