SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Vulnerability Note VU#167033

Winny contains a buffer overflow

Overview

Winny contains a buffer overflow. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.

I. Description

Winny (also referred to as WinNY) is a popular Japanese peer-to-peer file sharing application. A flaw exists in this program due to an unbounded strcpy() of remotely-supplied user input during the handling of certain commands provided by the file transfer feature. This flaw results in a heap-based buffer overflow vulnerability due to the lack of validation on the size of user input. A remote attacker may be able exploit this vulnerability by sending a specially crafted message to a vulnerable Winny installation.

II. Impact

A remote unauthenticated attacker may be able to execute arbitrary code on a system running the vulnerable software. The attacker-supplied code would be executed in the context of the user running Winny.

III. Solution

The CERT/CC is currently unaware of a practical solution to this problem.

Workarounds

Discontinue use of the product
Due to extenuating circumstances, the author is unable to provide patches for this issue. Users concerned with security should consider discontinuing use of the product.

Systems Affected

No Information Available

References


http://www.eeye.com/html/research/advisories/AD20060421.html
http://jvn.jp/jp/JVN%2374294680/index.html
http://secunia.com/advisories/19795/
http://www.securityfocus.com/bid/17666

Credit

Thanks to JPCERT/CC for reporting this vulnerability. Discovery and research of this vulnerability was performed by eEye Digital Security.

This document was written by Chad R Dougherty.

Other Information

Date Public:2006-04-21
Date First Published:2006-04-28
Date Last Updated:2006-05-31
CERT Advisory: 
CVE-ID(s):CVE-2006-2007
NVD-ID(s):CVE-2006-2007
US-CERT Technical Alerts: 
Metric:3.42
Document Revision:29

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Produced 2006 by US-CERT, a government organization
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader