Is affected the system:
DC++ DC++ 0.706
Not affected system:
DC++ DC++ 0.707
Description:
--------------------------------------------------------------------------------
BUGTRAQ ID: 30037,29924
CVE(CAN) ID: CVE-2008-2954, CVE-2008-2953
DC++ (resource sharing master) is an open sound code free P2P client side software.
DC++ when processing partial listed files request has the spatial indicator quotation crack, the long-distance aggressor may transmit specially made the request to cause the client side collapse; In DC++ dcpp/dcpp/NmdcHub.cpp document NmdcHub::onLine() function not correct processing personal news, if the long-distance aggressor has transmitted the main body for the spatial personal news, will cause the client side collapse.
<* origin: antanius
Link: http://secunia.com/advisories/30812/
http://developer.berlios.de/bugs/?func=detailbug&bug_id=13195&group_id=2230
*>
Suggested:
--------------------------------------------------------------------------------
Manufacturer patch:
DC++
----
At present the manufacturer had already issued the promotion patch repairs this security problem, welcome to manufacturer main page downloading:
http://sourceforge.net/projects/dcplusplus/
|