Title: BNBT BitTorrent Tracker Denial of Service Vulnerability
Severity: HIGH
Description:
BNBT BitTorrent Tracker is a C++ implementation of the BitTorrent tracker, a server for managing P2P BitTorrent connections.
BNBT BitTorrent Tracker versions Beta 7.5 release 2 and prior are affected by a flaw related to decoding of HTTP Basic Authentication credentials (util.cpp). If a client transmits to the server the credential string "A==", the server will crash. The cause of this behavior has not been identified, though the issue may lie in the server's use or misuse of the Base64 implementation. The condition may be due to a misallocation of memory, and the crash may be the result of corruption of sensitive memory values.
A check has been introduced in version 73_20040521 that will log exploitation attempts and return prematurely if a request is made with credentials "A==". This may not be enough to eliminate the vulnerability entirely. Version Beta 7.5 Beta Release 3 removes the likely vulnerable code, but may break authentication on Big Endian systems.
Affected Products:
- Trevor Hogan BNBT 7.5.0 Beta Release 2
References:
- Security-Protocols.com: BNBT BitTorrent Tracker Denial Of Service
- Trevor Hogan: BNBT Homepage
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
