In association with heise online

13 March 2007, 16:46

Two vulnerabilities in KDE BitTorrent client KTorrent

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Version 2.1.2 of the open-source BitTorrent client KTorrent for KDE removes two vulnerabilities. The first one is said to enable an attacker to cause the application to crash. According to the bug report by Ubuntu the vulnerability also allows code to be injected onto a system and executed. The vulnerability is found in the module chunkcounter.cpp and is triggered by large idx values.

The second vulnerability is said to allow the deliberate overwriting of files on a system. The problem occurs because KTorrent does not correctly validate the destination file paths or the HAVE statements sent by torrent peers. Inserting the string .. into the filename is said to be all that is needed to break out of defined directories.

The source code of the new KTorrent is available for download at The Linux distributor Ubuntu has also released debugged packages.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit