"Bittorrent Inc" Milks Window To Let Code Execution Bug Live

Posted on by

Bram Cohen's (WOT: nonperson) venture "Bittorrent Inc." has let the full 90 day window for a remote execution vulnerability revealed through Google's irresponsible disclosure program nearly expire before issuing a supposed fix to their uTorrent software. To ensure a timely upgrade panic the details and a demonstration of the vulnerability are already available (archived).

3 thoughts on “"Bittorrent Inc" Milks Window To Let Code Execution Bug Live

  1. Also precious,

    I noticed that utorrent is using unmodified mersenne twister to generate authentication tokens and cookies, session identifiers, pairing keys, and so on. The PRNG is seeded with GetProcessId(), GetTickCount() etc.

    Reply

  2. "Comment 10[snip] But now, they added a second token [snip] So…you just have to fetch that token as well [snip] Therefore, this issue is still exploitable."

    Reply

Leave a Reply to Stanislav Datskovskiy Cancel reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>